cybernews

fuite de donnée enregistrée

Latest News


CVE-2025-4887 - SourceCodester Online Student Clearance System Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-4887
Published : May 18, 2025, 5:15 p.m. | 1 hour ago
Description : A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 17:15:00 GMT

read more

CVE-2025-4888 - Code-projects Pharmacy Management System Buffer Overflow Vulnerability

CVE ID : CVE-2025-4888
Published : May 18, 2025, 5:15 p.m. | 1 hour ago
Description : A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::take_order of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 17:15:00 GMT

read more

CVE-2025-4885 - iSourcecode Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4885
Published : May 18, 2025, 4:15 p.m. | 2 hours ago
Description : A vulnerability classified as critical has been found in itsourcecode Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument serial leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 16:15:00 GMT

read more

CVE-2025-4886 - iSourcecode Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4886
Published : May 18, 2025, 4:15 p.m. | 2 hours ago
Description : A vulnerability classified as critical was found in itsourcecode Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/product_update.php. The manipulation of the argument serial leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 16:15:00 GMT

read more

CVE-2025-48219 - O2 UK IMS E-UTRAN Cell Identity Leak

CVE ID : CVE-2025-48219
Published : May 18, 2025, 3:15 p.m. | 3 hours ago
Description : O2 UK through 2025-05-17 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS (IP Multimedia Subsystem) call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI (E-UTRAN Cell Identity) leak. The Cell ID might be usable to identify a cell location via crowdsourced data, and might correspond to a small physical area (e.g., if the called party is in a city centre). Removal of the Cellular-Network-Info header is mentioned in section 4.4.19 of ETSI TS 124 229.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 15:15:00 GMT

read more

CVE-2025-4883 - D-Link DI-8100 ASP Context Buffer Overflow

CVE ID : CVE-2025-4883
Published : May 18, 2025, 3:15 p.m. | 3 hours ago
Description : A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 15:15:00 GMT

read more

CVE-2025-4884 - iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4884
Published : May 18, 2025, 3:15 p.m. | 3 hours ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/assign_save.php. The manipulation of the argument team leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 15:15:00 GMT

read more

CVE-2025-4881 - iSourcecode Restaurant Management System SQL Injection

CVE ID : CVE-2025-4881
Published : May 18, 2025, 2:15 p.m. | 4 hours ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/user_save.php. The manipulation of the argument username/name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 14:15:00 GMT

read more

CVE-2025-4882 - iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4882
Published : May 18, 2025, 2:15 p.m. | 4 hours ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/team_update.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 14:15:00 GMT

read more

CVE-2025-4875 - Campcodes Online Shopping Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4875
Published : May 18, 2025, 1:15 p.m. | 5 hours ago
Description : A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 13:15:00 GMT

read more

CVE-2025-4880 - PHPGurukul News Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4880
Published : May 18, 2025, 1:15 p.m. | 5 hours ago
Description : A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 13:15:00 GMT

read more

CVE-2025-4873 - PHPGurukul News Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4873
Published : May 18, 2025, 12:15 p.m. | 6 hours ago
Description : A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 12:15:00 GMT

read more

CVE-2025-4874 - "PHPGurukul News Portal Project SQL Injection Vulnerability"

CVE ID : CVE-2025-4874
Published : May 18, 2025, 12:15 p.m. | 6 hours ago
Description : A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 12:15:00 GMT

read more

CVE-2025-4871 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4871
Published : May 18, 2025, 11:15 a.m. | 7 hours ago
Description : A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component REST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 11:15:00 GMT

read more

CVE-2025-4872 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4872
Published : May 18, 2025, 11:15 a.m. | 7 hours ago
Description : A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component CCC Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 11:15:00 GMT

read more

CVE-2025-4869 - iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4869
Published : May 18, 2025, 10:15 a.m. | 8 hours ago
Description : A vulnerability classified as critical has been found in itsourcecode Restaurant Management System 1.0. This affects an unknown part of the file /admin/member_update.php. The manipulation of the argument menu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 10:15:00 GMT

read more

CVE-2025-4870 - iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4870
Published : May 18, 2025, 10:15 a.m. | 8 hours ago
Description : A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menu_save.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 10:15:00 GMT

read more

CVE-2025-4867 - Tenda A15 Denial of Service Vulnerability

CVE ID : CVE-2025-4867
Published : May 18, 2025, 9:15 a.m. | 9 hours ago
Description : A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as problematic. Affected by this vulnerability is the function formArpNerworkSet of the file /goform/ArpNerworkSet. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 09:15:00 GMT

read more

CVE-2025-4868 - Merikbest Ecommerce-Spring-Reactjs Path Traversal Vulnerability

CVE ID : CVE-2025-4868
Published : May 18, 2025, 9:15 a.m. | 9 hours ago
Description : A vulnerability was found in merikbest ecommerce-spring-reactjs up to 464e610bb11cc2619cf6ce8212ccc2d1fd4277fd. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v1/admin/ of the component File Upload Endpoint. The manipulation of the argument filename leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 09:15:00 GMT

read more

CVE-2025-4865 - iSourcecode Restaurant Management System SQL Injection

CVE ID : CVE-2025-4865
Published : May 18, 2025, 8:15 a.m. | 10 hours ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 08:15:00 GMT

read more

CVE-2025-4866 - Weibocom Rill-Flow Management Console Code Injection Vulnerability

CVE ID : CVE-2025-4866
Published : May 18, 2025, 8:15 a.m. | 10 hours ago
Description : A vulnerability was found in weibocom rill-flow 0.1.18. It has been classified as critical. Affected is an unknown function of the component Management Console. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 08:15:00 GMT

read more

CVE-2025-4863 - Advaya Softech GEMS ERP Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4863
Published : May 18, 2025, 7:15 a.m. | 11 hours ago
Description : A vulnerability, which was classified as critical, was found in Advaya Softech GEMS ERP Portal 2.1. This affects an unknown part of the file /studentLogin/studentLogin.action. The manipulation of the argument userId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 07:15:00 GMT

read more

CVE-2025-4864 - iSourcecode Restaurant Management System SQL Injection

CVE ID : CVE-2025-4864
Published : May 18, 2025, 7:15 a.m. | 11 hours ago
Description : A vulnerability has been found in itsourcecode Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/finished.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 07:15:00 GMT

read more

CVE-2025-4861 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4861
Published : May 18, 2025, 6:15 a.m. | 12 hours ago
Description : A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 06:15:00 GMT

read more

CVE-2025-4862 - PHPGurukul Directory Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4862
Published : May 18, 2025, 6:15 a.m. | 12 hours ago
Description : A vulnerability, which was classified as problematic, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /searchdata.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 06:15:00 GMT

read more

CVE-2025-3715 - WordPress Bold Page Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3715
Published : May 18, 2025, 6:15 a.m. | 10 hours, 32 minutes ago
Description : The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-text parameter in all versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 06:15:00 GMT

read more

CVE-2025-4860 - D-Link DAP-2695 DHCPS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4860
Published : May 18, 2025, 5:15 a.m. | 11 hours, 32 minutes ago
Description : A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Affected is an unknown function of the file /adv_dhcps.php of the component Static Pool Settings Page. The manipulation of the argument f_mac leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 05:15:00 GMT

read more

CVE-2025-4859 - D-Link DAP-2695 Cross-Site Scripting in MAC Bypass Settings Page

CVE ID : CVE-2025-4859
Published : May 18, 2025, 5:15 a.m. | 11 hours ago
Description : A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. It has been rated as problematic. This issue affects some unknown processing of the file /adv_macbypass.php of the component MAC Bypass Settings Page. The manipulation of the argument f_mac leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 05:15:00 GMT

read more

CVE-2025-4858 - D-Link ARP Spoofing Prevention Page Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4858
Published : May 18, 2025, 4:15 a.m. | 12 hours ago
Description : A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /adv_arpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harp_mac leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 04:15:00 GMT

read more

CVE-2025-4851 - TOTOLINK N300RH Command Injection Vulnerability

CVE ID : CVE-2025-4851
Published : May 18, 2025, 4:15 a.m. | 10 hours, 32 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. This vulnerability affects the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 04:15:00 GMT

read more

CVE-2025-4852 - TOTOLINK A3002R Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4852
Published : May 18, 2025, 4:15 a.m. | 10 hours, 31 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 04:15:00 GMT

read more

CVE-2025-4850 - TOTOLINK N300RH Command Injection Vulnerability

CVE ID : CVE-2025-4850
Published : May 18, 2025, 3:15 a.m. | 11 hours, 32 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 03:15:00 GMT

read more

CVE-2025-4848 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4848
Published : May 18, 2025, 3:15 a.m. | 11 hours ago
Description : A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RECV Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 03:15:00 GMT

read more

CVE-2025-4849 - TOTOLINK N300RH Command Injection Vulnerability

CVE ID : CVE-2025-4849
Published : May 18, 2025, 3:15 a.m. | 11 hours ago
Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical. Affected by this issue is the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 03:15:00 GMT

read more

CVE-2025-4847 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4847
Published : May 18, 2025, 2:15 a.m. | 10 hours, 32 minutes ago
Description : A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component MLS Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 02:15:00 GMT

read more

CVE-2025-4846 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4846
Published : May 18, 2025, 1:15 a.m. | 11 hours, 32 minutes ago
Description : A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MPUT Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 01:15:00 GMT

read more

CVE-2025-4845 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4845
Published : May 18, 2025, 1:15 a.m. | 11 hours ago
Description : A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component TRACE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 01:15:00 GMT

read more

CVE-2025-4844 - FreeFloat FTP Server CD Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4844
Published : May 18, 2025, 12:15 a.m. | 12 hours ago
Description : A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 00:15:00 GMT

read more

CVE-2025-4843 - D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4843
Published : May 18, 2025, 12:15 a.m. | 11 hours, 2 minutes ago
Description : A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 18 May 2025 00:15:00 GMT

read more

CVE-2025-4842 - D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4842
Published : May 17, 2025, 11:15 p.m. | 12 hours, 2 minutes ago
Description : A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This vulnerability affects the function isUCPCameraNameChanged of the file /sbin/ucp. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 23:15:00 GMT

read more

CVE-2025-4841 - D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4841
Published : May 17, 2025, 11:15 p.m. | 10 hours, 59 minutes ago
Description : A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 23:15:00 GMT

read more

CVE-2025-4921 - Firefox JavaScript Out-of-Bounds Access Vulnerability

CVE ID : CVE-2025-4921
Published : May 17, 2025, 10:15 p.m. | 11 hours, 59 minutes ago
Description : An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4 and Firefox ESR < 128.10.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4919 - Mozilla Firefox Out-of-Bounds JavaScript Vulnerability

CVE ID : CVE-2025-4919
Published : May 17, 2025, 10:15 p.m. | 11 hours, 2 minutes ago
Description : An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox ESR < 115.23.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4920 - Mozilla Firefox Promise Object Out-of-Bounds Read/Write Vulnerability

CVE ID : CVE-2025-4920
Published : May 17, 2025, 10:15 p.m. | 11 hours, 2 minutes ago
Description : An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4 and Firefox ESR < 128.10.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4839 - Itwanger Paicoding Cross-Domain Policy Vulnerability

CVE ID : CVE-2025-4839
Published : May 17, 2025, 10:15 p.m. | 9 hours, 59 minutes ago
Description : A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4918 - Firefox ESR JavaScript Promise Out-of-Bounds Access

CVE ID : CVE-2025-4918
Published : May 17, 2025, 10:15 p.m. | 9 hours, 59 minutes ago
Description : An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox ESR < 115.23.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4838 - Kanwangzjm Funiture Open Redirect Vulnerability

CVE ID : CVE-2025-4838
Published : May 17, 2025, 10:15 p.m. | 8 hours, 32 minutes ago
Description : A vulnerability, which was classified as problematic, was found in kanwangzjm Funiture up to 71ca0fb0658b3d839d9e049ac36429207f05329b. Affected is the function doPost of the file /funiture-master/src/main/java/com/app/mvc/acl/servlet/LoginServlet.java of the component Login. The manipulation of the argument ret leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 22:15:00 GMT

read more

CVE-2025-4837 - Projectworlds Student Project Allocation System SQL Injection Vulnerability

CVE ID : CVE-2025-4837
Published : May 17, 2025, 9:15 p.m. | 9 hours, 32 minutes ago
Description : A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 21:15:00 GMT

read more

CVE-2024-13965 - Apache HTTP Server SQL Injection

CVE ID : CVE-2024-13965
Published : May 17, 2025, 8:15 p.m. | 9 hours, 59 minutes ago
Description : Rejected reason: wrong year
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 20:15:00 GMT

read more

CVE-2025-4835 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4835
Published : May 17, 2025, 8:15 p.m. | 9 hours, 59 minutes ago
Description : A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 20:15:00 GMT

read more

CVE-2025-4836 - Projectworlds Life Insurance Management System SQL Injection

CVE ID : CVE-2025-4836
Published : May 17, 2025, 8:15 p.m. | 9 hours, 59 minutes ago
Description : A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /deleteAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 20:15:00 GMT

read more

CVE-2024-13964 - Here is a title for the vulnerability:Apache Struts Remote Code Execution

CVE ID : CVE-2024-13964
Published : May 17, 2025, 8:15 p.m. | 7 hours, 59 minutes ago
Description : Rejected reason: wrong year
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 20:15:00 GMT

read more

CVE-2025-47945 - Donetick Weak Default JWT Signing Secret in Donetick Task Management App

CVE ID : CVE-2025-47945
Published : May 17, 2025, 7:15 p.m. | 8 hours, 58 minutes ago
Description : Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate. The vulnerability is proven by existence of the issue in the live version as well. This issue can result in full account takeover of any user. Version 0.1.44 contains a patch.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 19:15:00 GMT

read more

CVE-2025-47948 - Cocotais Bot Privileged Command Injection

CVE ID : CVE-2025-47948
Published : May 17, 2025, 7:15 p.m. | 8 hours, 58 minutes ago
Description : Cocotais Bot is a QQ official robot framework based on qq-bot-sdk. Starting in version 1.5.0-test2-hotfix and prior to version 1.6.2, command echoing feature in the framework allows users to indirectly trigger privileged behavior by injecting special platform tags. Specifically, an unauthorized user can use the `/echo ` command to cause the bot to send a message that mentions all members in the chat, bypassing any permission controls. This can lead to spam, disruption, or abuse of notification systems. Version 1.6.2 contains a patch for the issue.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 19:15:00 GMT

read more

CVE-2025-4834 - TOTOLINK A702R, A3002R, A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4834
Published : May 17, 2025, 7:15 p.m. | 8 hours, 58 minutes ago
Description : A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 19:15:00 GMT

read more

CVE-2025-4833 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4833
Published : May 17, 2025, 6:15 p.m. | 9 hours, 59 minutes ago
Description : A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown processing of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 18:15:00 GMT

read more

CVE-2025-4831 - TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4831
Published : May 17, 2025, 5:15 p.m. | 9 hours, 30 minutes ago
Description : A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 17:15:00 GMT

read more

CVE-2025-4832 - TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4832
Published : May 17, 2025, 5:15 p.m. | 9 hours, 30 minutes ago
Description : A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 17:15:00 GMT

read more

CVE-2025-4830 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4830
Published : May 17, 2025, 4:15 p.m. | 10 hours, 31 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 16:15:00 GMT

read more

CVE-2025-47931 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-47931
Published : May 17, 2025, 4:15 p.m. | 9 hours, 58 minutes ago
Description : LibreNMS is PHP/MySQL/SNMP based network monitoring software. LibreNMS v25.4.0 and prior suffers from a Stored Cross-Site Scripting (XSS) Vulnerability in the `group name` parameter of the `http://localhost/poller/groups` form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. LibreNMS v25.5.0 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 16:15:00 GMT

read more

CVE-2025-33103 - IBM i TCP/IP Connectivity Utilities for i Privilege Escalation Vulnerability

CVE ID : CVE-2025-33103
Published : May 17, 2025, 4:15 p.m. | 7 hours, 58 minutes ago
Description : IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 16:15:00 GMT

read more

CVE-2025-47273 - Setuptools Remote Code Execution via Path Traversal

CVE ID : CVE-2025-47273
Published : May 17, 2025, 4:15 p.m. | 7 hours, 58 minutes ago
Description : setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 16:15:00 GMT

read more

CVE-2025-4827 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-4827
Published : May 17, 2025, 3:15 p.m. | 8 hours, 58 minutes ago
Description : A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 15:15:00 GMT

read more

CVE-2025-4829 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4829
Published : May 17, 2025, 3:15 p.m. | 8 hours, 58 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this vulnerability is the function sub_40BE30 of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 15:15:00 GMT

read more

CVE-2025-48187 - RAGFlow Authentication Bypass

CVE ID : CVE-2025-48187
Published : May 17, 2025, 1:15 p.m. | 9 hours, 53 minutes ago
Description : RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 13:15:00 GMT

read more

CVE-2025-4101 - MultiVendorX WooCommerce Multivendor Marketplace Solutions Unauthenticated Data Deletion Vulnerability

CVE ID : CVE-2025-4101
Published : May 17, 2025, 1:15 p.m. | 9 hours, 53 minutes ago
Description : The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is vulnerable to unauthorized loss of data due to a misconfigured capability check on the 'delete_fpm_product' function in all versions up to, and including, 4.2.22. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary posts, pages, attachments, and products. The vulnerability was partially patched in version 4.2.22.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 13:15:00 GMT

read more

CVE-2024-13613 - Wise Chat WordPress Sensitive Information Exposure

CVE ID : CVE-2024-13613
Published : May 17, 2025, 12:15 p.m. | 8 hours, 32 minutes ago
Description : The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments included in chat messages. The vulnerability was partially patched in version 3.3.3.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 12:15:00 GMT

read more

CVE-2025-3527 - WordPress EventON Pro Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3527
Published : May 17, 2025, 12:15 p.m. | 8 hours, 32 minutes ago
Description : The EventON Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'assets/lib/settings/settings.js' file in all versions up to, and including, 4.9.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 4.9.6.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 12:15:00 GMT

read more

CVE-2025-3888 - "Jupiter X Core Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3888
Published : May 17, 2025, 12:15 p.m. | 8 hours, 32 minutes ago
Description : The Jupiter X Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File inclusion in all versions up to, and including, 4.8.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the page with the included SVG file.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 12:15:00 GMT

read more

CVE-2025-4669 - WordPress Booking Calendar Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-4669
Published : May 17, 2025, 12:15 p.m. | 8 hours, 32 minutes ago
Description : The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpbc shortcode in all versions up to, and including, 10.11.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 12:15:00 GMT

read more

CVE-2025-4826 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4826
Published : May 17, 2025, 11:15 a.m. | 9 hours, 32 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 11:15:00 GMT

read more

CVE-2025-4824 - TOTOLINK A702R, A3002R, A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4824
Published : May 17, 2025, 10:15 a.m. | 10 hours, 32 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 10:15:00 GMT

read more

CVE-2025-4825 - TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-4825
Published : May 17, 2025, 10:15 a.m. | 10 hours, 32 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 10:15:00 GMT

read more

CVE-2025-4610 - WordPress WP-Members Membership Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4610
Published : May 17, 2025, 10:15 a.m. | 9 hours, 58 minutes ago
Description : The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_user_memberships shortcode in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 10:15:00 GMT

read more

CVE-2025-4823 - TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4823
Published : May 17, 2025, 10:15 a.m. | 9 hours, 58 minutes ago
Description : A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is the function submit-url of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 10:15:00 GMT

read more

CVE-2025-4391 - WordPress Echo RSS Feed Post Generator Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-4391
Published : May 17, 2025, 6:15 a.m. | 13 hours, 58 minutes ago
Description : The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the echo_generate_featured_image() function in all versions up to, and including, 5.4.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 06:15:00 GMT

read more

CVE-2025-4819 - Y_Project RuoYi Remote Improper Authorization Vulnerability

CVE ID : CVE-2025-4819
Published : May 17, 2025, 6:15 a.m. | 13 hours, 58 minutes ago
Description : A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 06:15:00 GMT

read more

CVE-2025-3812 - WordPress WPBot Pro File Deletion Vulnerability

CVE ID : CVE-2025-3812
Published : May 17, 2025, 6:15 a.m. | 12 hours, 32 minutes ago
Description : The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 06:15:00 GMT

read more

CVE-2025-4190 - WordPress CSV Mass Importer File Upload Privilege Escalation Vulnerability

CVE ID : CVE-2025-4190
Published : May 17, 2025, 6:15 a.m. | 12 hours, 32 minutes ago
Description : The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 06:15:00 GMT

read more

CVE-2025-4389 - "WordPress Crawlomatic Multipage Scraper Plugin Arbitrary File Upload Vulnerability"

CVE ID : CVE-2025-4389
Published : May 17, 2025, 6:15 a.m. | 12 hours, 32 minutes ago
Description : The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the crawlomatic_generate_featured_image() function in all versions up to, and including, 2.6.8.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 06:15:00 GMT

read more

CVE-2025-4818 - SourceCodester Doctor's Appointment System SQL Injection

CVE ID : CVE-2025-4818
Published : May 17, 2025, 5:15 a.m. | 12 hours, 57 minutes ago
Description : A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/delete-doctor.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 05:15:00 GMT

read more

CVE-2025-4189 - WordPress Audio Comments Plugin CSRF

CVE ID : CVE-2025-4189
Published : May 17, 2025, 4:16 a.m. | 11 hours, 57 minutes ago
Description : The Audio Comments Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the 'audio-comments/audior-settings.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 04:16:00 GMT

read more

CVE-2025-4194 - WordPress AlT Monitoring CSRF

CVE ID : CVE-2025-4194
Published : May 17, 2025, 4:16 a.m. | 11 hours, 57 minutes ago
Description : The AlT Monitoring plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the 'ALT_Monitoring_edit' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 04:16:00 GMT

read more

CVE-2025-4816 - SourceCodester Doctor's Appointment System SQL Injection Vulnerability

CVE ID : CVE-2025-4816
Published : May 17, 2025, 4:16 a.m. | 11 hours, 57 minutes ago
Description : A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 04:16:00 GMT

read more

CVE-2025-4817 - Sourcecodester Doctor's Appointment System SQL Injection Vulnerability

CVE ID : CVE-2025-4817
Published : May 17, 2025, 4:16 a.m. | 11 hours, 57 minutes ago
Description : A vulnerability was found in Sourcecodester Doctor's Appointment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete-appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 04:16:00 GMT

read more

CVE-2025-4814 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4814
Published : May 17, 2025, 3:17 a.m. | 12 hours, 56 minutes ago
Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_add.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 03:17:00 GMT

read more

CVE-2025-4815 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4815
Published : May 17, 2025, 3:17 a.m. | 12 hours, 56 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/supplier_update.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 03:17:00 GMT

read more

CVE-2024-47893 - VMware GPU Firmware Memory Disclosure

CVE ID : CVE-2024-47893
Published : May 17, 2025, 1:15 a.m. | 13 hours, 47 minutes ago
Description : Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 01:15:00 GMT

read more

CVE-2025-1706 - Adobe Flash Use-After-Free Vulnerability

CVE ID : CVE-2025-1706
Published : May 17, 2025, 1:15 a.m. | 13 hours, 47 minutes ago
Description : Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 17 May 2025 01:15:00 GMT

read more

CVE-2025-4812 - PHPGurukul Human Metapneumovirus Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4812
Published : May 16, 2025, 10:15 p.m. | 14 hours, 32 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 22:15:00 GMT

read more

CVE-2025-4813 - PHPGurukul Human Metapneumovirus Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4813
Published : May 16, 2025, 10:15 p.m. | 14 hours, 32 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 22:15:00 GMT

read more

CVE-2025-4804 - WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-4804
Published : May 16, 2025, 9:15 p.m. | 14 hours, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Fireware OS: from 12.0 through 12.11.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-4805 - WatchGuard Fireware OS Stored XSS Vulnerability

CVE ID : CVE-2025-4805
Published : May 16, 2025, 9:15 p.m. | 14 hours, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Fireware OS: from 12.0 through 12.11.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-4810 - Tenda AC7 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4810
Published : May 16, 2025, 9:15 p.m. | 14 hours, 57 minutes ago
Description : A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-4811 - CodeAstro Pharmacy Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4811
Published : May 16, 2025, 9:15 p.m. | 14 hours, 57 minutes ago
Description : A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-48188 - GNU PSPP libpspp-core.a Heap-Based Buffer Over-Read

CVE ID : CVE-2025-48188
Published : May 16, 2025, 9:15 p.m. | 13 hours, 45 minutes ago
Description : libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2022-4363 - Wholesale Market WooCommerce CSRF Vulnerability

CVE ID : CVE-2022-4363
Published : May 16, 2025, 9:15 p.m. | 12 hours, 57 minutes ago
Description : The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress plugin before 2.0.1 have a flawed CSRF check when updating their settings, which could allow attackers to make a logged in admin update them via a CSRF attack
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-32407 - Samsung Internet for Galaxy Watch TLS Certificate Validation Bypass

CVE ID : CVE-2025-32407
Published : May 16, 2025, 9:15 p.m. | 12 hours, 57 minutes ago
Description : Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 21:15:00 GMT

read more

CVE-2025-4808 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4808
Published : May 16, 2025, 8:15 p.m. | 13 hours, 58 minutes ago
Description : A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file /add-normal-ticket.php. The manipulation of the argument noadult leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 20:15:00 GMT

read more

CVE-2025-4809 - Tenda AC7 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4809
Published : May 16, 2025, 8:15 p.m. | 13 hours, 58 minutes ago
Description : A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 20:15:00 GMT

read more

CVE-2025-22233 - Spring Framework Disallowed Fields Bypass Vulnerability

CVE ID : CVE-2025-22233
Published : May 16, 2025, 8:15 p.m. | 9 hours, 57 minutes ago
Description : CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: * 6.2.0 - 6.2.6 * 6.1.0 - 6.1.19 * 6.0.0 - 6.0.27 * 5.3.0 - 5.3.42 * Older, unsupported versions are also affected Mitigation Users of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix Version Availability 6.2.x 6.2.7 OSS6.1.x 6.1.20 OSS6.0.x 6.0.28 Commercial https://enterprise.spring.io/ 5.3.x 5.3.43 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. Generally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation. For setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields. Credit This issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 20:15:00 GMT

read more

CVE-2025-4802 - GNU C Library LD_LIBRARY_PATH Path Traversal Vulnerability

CVE ID : CVE-2025-4802
Published : May 16, 2025, 8:15 p.m. | 9 hours, 57 minutes ago
Description : Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 20:15:00 GMT

read more

CVE-2025-4807 - SourceCodester Online Student Clearance System Directory Traversal Information Disclosure

CVE ID : CVE-2025-4807
Published : May 16, 2025, 8:15 p.m. | 9 hours, 57 minutes ago
Description : A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 20:15:00 GMT

read more

CVE-2025-4795 - Gongfuxiang SchoolCMS SQL Injection Vulnerability

CVE ID : CVE-2025-4795
Published : May 16, 2025, 7:15 p.m. | 10 hours, 56 minutes ago
Description : A vulnerability classified as critical has been found in gongfuxiang schoolcms 2.3.1. This affects the function SaveInfo of the file /index.php?m=Admin&c=article&a=SaveInfo. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 19:15:00 GMT

read more

CVE-2025-4806 - SourceCodester Oretnom23 Stock Management System SQL Injection

CVE ID : CVE-2025-4806
Published : May 16, 2025, 7:15 p.m. | 10 hours, 56 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=back_order/view_bo. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 19:15:00 GMT

read more

CVE-2025-4794 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-4794
Published : May 16, 2025, 6:16 p.m. | 10 hours, 31 minutes ago
Description : A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /news.php. The manipulation of the argument newstitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 18:16:00 GMT

read more

CVE-2025-4476 - Apache Libsoup Denial of Service

CVE ID : CVE-2025-4476
Published : May 16, 2025, 6:16 p.m. | 10 hours, 3 minutes ago
Description : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user's application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user's client application into connecting to the attacker's malicious server.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 18:16:00 GMT

read more

CVE-2025-4792 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4792
Published : May 16, 2025, 6:16 p.m. | 10 hours, 3 minutes ago
Description : A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component MDELETE Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 18:16:00 GMT

read more

CVE-2025-4793 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-4793
Published : May 16, 2025, 6:16 p.m. | 10 hours, 3 minutes ago
Description : A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been classified as critical. Affected is an unknown function of the file /edit-student-profile.php. The manipulation of the argument cgpa leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 18:16:00 GMT

read more

CVE-2025-4791 - FreeFloat FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4791
Published : May 16, 2025, 5:15 p.m. | 11 hours, 3 minutes ago
Description : A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 17:15:00 GMT

read more

CVE-2025-4789 - FreeFloat FTP Server LCD Command Handler Critical Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4789
Published : May 16, 2025, 5:15 p.m. | 9 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 17:15:00 GMT

read more

CVE-2025-4790 - FreeFloat FTP Server GLOB Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4790
Published : May 16, 2025, 5:15 p.m. | 9 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 17:15:00 GMT

read more

CVE-2025-4788 - FreeFloat FTP Server DELETE Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4788
Published : May 16, 2025, 5:15 p.m. | 7 hours, 36 minutes ago
Description : A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component DELETE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 17:15:00 GMT

read more

CVE-2025-4787 - SourceCodester Oretnom23 Stock Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4787
Published : May 16, 2025, 4:15 p.m. | 8 hours, 36 minutes ago
Description : A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/view_sale. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48132 - Pencilwp X Addons for Elementor Cross-site Scripting

CVE ID : CVE-2025-48132
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pencilwp X Addons for Elementor allows Stored XSS. This issue affects X Addons for Elementor: from n/a through 1.0.14.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48134 - ShapedPlugin LLC WP Tabs Object Injection

CVE ID : CVE-2025-48134
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC WP Tabs allows Object Injection. This issue affects WP Tabs: from n/a through 2.2.11.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48135 - Aptivada for WP Cross-Site Scripting

CVE ID : CVE-2025-48135
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aptivadadev Aptivada for WP allows DOM-Based XSS. This issue affects Aptivada for WP: from n/a through 2.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48136 - Estatik Mortgage Calculator PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-48136
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Estatik Mortgage Calculator Estatik allows PHP Local File Inclusion. This issue affects Mortgage Calculator Estatik: from n/a through 2.0.12.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48137 - Proxymis Interview SQL Injection

CVE ID : CVE-2025-48137
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in proxymis Interview allows SQL Injection. This issue affects Interview: from n/a through 1.01.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48138 - BERTHA AI Missing Authorization Vulnerability

CVE ID : CVE-2025-48138
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.11.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48144 - Sidngr Import Export For WooCommerce CSRF Stored XSS

CVE ID : CVE-2025-48144
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce allows Stored XSS. This issue affects Import Export For WooCommerce: from n/a through 1.6.2.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48146 - LupsOnline SEO Flow CSRF Stored XSS

CVE ID : CVE-2025-48146
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-4786 - SourceCodester Oretnom23 Stock Management System SQL Injection

CVE ID : CVE-2025-4786
Published : May 16, 2025, 4:15 p.m. | 4 hours, 29 minutes ago
Description : A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/view_return. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48117 - Kilbot WooCommerce POS Missing Authorization Vulnerability

CVE ID : CVE-2025-48117
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Missing Authorization vulnerability in kilbot WooCommerce POS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce POS: from n/a through 1.7.8.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48119 - RS WP Book Showcase Code Injection Vulnerability

CVE ID : CVE-2025-48119
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in RS WP THEMES RS WP Book Showcase allows Code Injection. This issue affects RS WP Book Showcase: from n/a through 6.7.41.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48120 - MapSVG Lite Code Injection Vulnerability

CVE ID : CVE-2025-48120
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in RomanCode MapSVG Lite allows Code Injection. This issue affects MapSVG Lite: from n/a through 8.6.4.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48121 - Steve Puddick WP Notes Widget Cross-site Scripting

CVE ID : CVE-2025-48121
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Puddick WP Notes Widget allows DOM-Based XSS. This issue affects WP Notes Widget: from n/a through 1.0.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48127 - "App Cheap Push Notification Authorization Bypass"

CVE ID : CVE-2025-48127
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Push notification for Mobile and Web app: from n/a through 2.0.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48128 - Sharespine Woocommerce Connector Missing Authorization Vulnerability

CVE ID : CVE-2025-48128
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Missing Authorization vulnerability in Sharespine Sharespine Woocommerce Connector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sharespine Woocommerce Connector: from n/a through 4.7.55.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48131 - Elementor Lite Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-48131
Published : May 16, 2025, 4:15 p.m. | 2 hours, 29 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite allows Stored XSS. This issue affects UltraAddons Elementor Lite: from n/a through 2.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-47693 - FAT Services Booking PHP Local File Inclusion

CVE ID : CVE-2025-47693
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Services Booking allows PHP Local File Inclusion. This issue affects FAT Services Booking: from n/a through 5.5.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48079 - Metagauss ProfileGrid Missing Authorization Vulnerability

CVE ID : CVE-2025-48079
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Missing Authorization vulnerability in Metagauss ProfileGrid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ProfileGrid : from n/a through 5.9.5.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48080 - Uncanny Owl Uncanny Toolkit for LearnDash Stored Cross-site Scripting

CVE ID : CVE-2025-48080
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.7.0.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48112 - Karimmughal Cross-site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-48112
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karimmughal Dot html,php,xml etc pages allows Reflected XSS. This issue affects Dot html,php,xml etc pages: from n/a through 1.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48113 - Broadstreet Stored Cross-site Scripting

CVE ID : CVE-2025-48113
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet Broadstreet allows Stored XSS. This issue affects Broadstreet: from n/a through 1.51.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48114 - ShayanWeb Admin FontChanger CSRF Stored XSS

CVE ID : CVE-2025-48114
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazhooh ShayanWeb Admin FontChanger allows Stored XSS. This issue affects ShayanWeb Admin FontChanger: from n/a through 1.8.1.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48115 - Javier Revilla ValidateCertify CSRF

CVE ID : CVE-2025-48115
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-48116 - EventON Missing Authorization

CVE ID : CVE-2025-48116
Published : May 16, 2025, 4:15 p.m. | 43 minutes ago
Description : Missing Authorization vulnerability in Ashan Perera EventON allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects EventON: from n/a through 2.4.4.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 16:15:00 GMT

read more

CVE-2025-32962 - Flask-AppBuilder Host Header Open Redirection Vulnerability

CVE ID : CVE-2025-32962
Published : May 16, 2025, 2:15 p.m. | 44 minutes ago
Description : Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the `FAB_SAFE_REDIRECT_HOSTS` configuration variable, which allows administrators to explicitly define which domains are considered safe for redirection. As a workaround, use a reverse proxy to enforce trusted host headers.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2025-47790 - Nextcloud Session Skipped Second Factor Confirmation

CVE ID : CVE-2025-47790
Published : May 16, 2025, 2:15 p.m. | 44 minutes ago
Description : Nextcloud Server is a self hosted personal cloud system. Nextcloud Server prior to 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server prior to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9, and 31.0.3 have a bug with session handling. The bug caused skipping the second factor confirmation after a successful login with the username and password when the server was configured with `remember_login_cookie_lifetime` set to `0`, once the session expired on the page to select the second factor and the page is reloaded. Nextcloud Server 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server is upgraded to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9 and 31.0.3 contain a patch. As a workaround, set the `remember_login_cookie_lifetime` in config.php to a value other than `0`, e.g. `900`. Beware that this is only a workaround for new sessions created after the configuration change. System administration can delete affected sessions.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2025-4211 - Qt Symlink Attack Vulnerability

CVE ID : CVE-2025-4211
Published : May 16, 2025, 2:15 p.m. | 43 minutes ago
Description : Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the use of the GetTempPath API, which can be exploited by attackers to manipulate temporary file paths, potentially leading to unauthorized access and privilege escalation. The affected public API in the Qt Framework is QDir::tempPath() and anything that uses it, such as QStandardPaths with TempLocation, QTemporaryDir, and QTemporaryFile.This issue affects all version of Qt up to and including 5.15.18, from 6.0.0 through 6.5.8, from 6.6.0 through 6.8.1. It is fixed in Qt 5.15.19, Qt 6.5.9, Qt 6.8.2, 6.9.0
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2025-4600 - Google Cloud Classic Application Load Balancer HTTP Request Smuggling Vulnerability

CVE ID : CVE-2025-4600
Published : May 16, 2025, 2:15 p.m. | 43 minutes ago
Description : A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer due to improper handling of chunked-encoded HTTP requests. This allowed attackers to craft requests that could be misinterpreted by backend servers. The issue was fixed by disallowing stray data after a chunk, and is no longer exploitable. No action is required as Classic Application Load Balancer service after 2025-04-26 is not vulnerable.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2025-4778 - "PHPGurukul Park Ticketing Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-4778
Published : May 16, 2025, 2:15 p.m. | 43 minutes ago
Description : A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /normal-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2025-4780 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4780
Published : May 16, 2025, 2:15 p.m. | 43 minutes ago
Description : A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /foreigner-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 14:15:00 GMT

read more

CVE-2024-40120 - SeaweedFS SQL Injection Vulnerability

CVE ID : CVE-2024-40120
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : seaweedfs v3.68 was discovered to contain a SQL injection vulnerability via the component /abstract_sql/abstract_sql_store.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-2305 - Apache Linux Path Traversal Vulnerability

CVE ID : CVE-2025-2305
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : A Path traversal vulnerability in the file download functionality was identified. This vulnerability allows unauthenticated users to download arbitrary files, in the context of the application server, from the Linux server.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-2306 - Acme File Server Unauthenticated Document Access

CVE ID : CVE-2025-2306
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : An Improper Access Control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication, if the URL is known. The attack requires the attacker to know the documents UUIDv4.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-37890 - Linux Kernel net_sched hfsc UAF Vulnerability

CVE ID : CVE-2025-37890
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that checking for cl->qdisc->q.qlen == 0 guarantees that it hasn't inserted the class in the vttree or eltree (which is not true for the netem duplicate case). This patch checks the n_active class variable to make sure that the code won't insert the class in the vttree or eltree twice, catering for the reentrant case. [1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-40629 - PNETLab Directory Traversal Vulnerability

CVE ID : CVE-2025-40629
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the application is vulnerable to requests that access sensitive files outside the intended directory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-40907 - Apache FCGI Perl Integer Overflow Buffer Overflow Vulnerability

CVE ID : CVE-2025-40907
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-4773 - "PHPGurukul Online Course Registration SQL Injection Vulnerability"

CVE ID : CVE-2025-4773
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/level.php. The manipulation of the argument level leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-4777 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4777
Published : May 16, 2025, 1:15 p.m. | 1 hour, 43 minutes ago
Description : A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an unknown part of the file /view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 13:15:00 GMT

read more

CVE-2025-4771 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-4771
Published : May 16, 2025, 12:15 p.m. | 2 hours, 44 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 12:15:00 GMT

read more

CVE-2025-4772 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-4772
Published : May 16, 2025, 12:15 p.m. | 2 hours, 44 minutes ago
Description : A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/department.php. The manipulation of the argument department leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 12:15:00 GMT

read more

CVE-2025-40630 - IceWarp Mail Server Open Redirection Vulnerability

CVE ID : CVE-2025-40630
Published : May 16, 2025, 11:15 a.m. | 3 hours, 43 minutes ago
Description : Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This vulnerability has been tested in Firefox.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 11:15:00 GMT

read more

CVE-2025-40631 - Icewarp Mail Server Host Header Injection Vulnerability

CVE ID : CVE-2025-40631
Published : May 16, 2025, 11:15 a.m. | 3 hours, 43 minutes ago
Description : HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a payload, arbitrary JavaScript code can be executed on page load. The user must interact with a malicious link to be redirected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 11:15:00 GMT

read more

CVE-2025-40632 - Icewarp Mail Server Cross-site Scripting (XSS)

CVE ID : CVE-2025-40632
Published : May 16, 2025, 11:15 a.m. | 3 hours, 43 minutes ago
Description : Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to modify the “lastLogin” cookie with malicious JavaScript code that will be executed when the page is rendered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 11:15:00 GMT

read more

CVE-2025-4769 - CBEWIN Anytxt Searcher Uncontrolled Search Path Vulnerability

CVE ID : CVE-2025-4769
Published : May 16, 2025, 11:15 a.m. | 3 hours, 43 minutes ago
Description : A vulnerability classified as critical was found in CBEWIN Anytxt Searcher 1.3.1128.0. This vulnerability affects unknown code of the file ATService.exe. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 11:15:00 GMT

read more

CVE-2025-4770 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4770
Published : May 16, 2025, 11:15 a.m. | 3 hours, 43 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Park Ticketing Management System 2.0. This issue affects some unknown processing of the file /view-normal-ticket.php. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 11:15:00 GMT

read more

CVE-2025-4767 - Defog-ai Introspect Code Injection Vulnerability

CVE ID : CVE-2025-4767
Published : May 16, 2025, 10:15 a.m. | 4 hours, 44 minutes ago
Description : A vulnerability was found in defog-ai introspect up to 0.1.4. It has been rated as critical. Affected by this issue is the function test_custom_tool of the file introspect/backend/integration_routes.py of the component Test Endpoint. The manipulation of the argument input_model leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 10:15:00 GMT

read more

CVE-2025-4768 - Feng Ha Ha/MegaGao SSM-ERP and Production SSM Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4768
Published : May 16, 2025, 10:15 a.m. | 4 hours, 44 minutes ago
Description : A vulnerability classified as critical has been found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 10:15:00 GMT

read more

CVE-2025-4765 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4765
Published : May 16, 2025, 9:15 a.m. | 5 hours, 44 minutes ago
Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. Affected is an unknown function of the file /admin/contactus.php. The manipulation of the argument mobnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 09:15:00 GMT

read more

CVE-2025-4766 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4766
Published : May 16, 2025, 9:15 a.m. | 5 hours, 44 minutes ago
Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 09:15:00 GMT

read more

CVE-2025-1975 - Ollama Server Array Index Access Denial of Service Vulnerability

CVE ID : CVE-2025-1975
Published : May 16, 2025, 9:15 a.m. | 3 hours, 42 minutes ago
Description : A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can lead to a server crash.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 09:15:00 GMT

read more

CVE-2025-4679 - Synology Active Backup for Microsoft 365 Information Disclosure Vulnerability

CVE ID : CVE-2025-4679
Published : May 16, 2025, 9:15 a.m. | 3 hours, 42 minutes ago
Description : A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 09:15:00 GMT

read more

CVE-2024-53827 - Ericsson Packet Core Controller Denial of Service

CVE ID : CVE-2024-53827
Published : May 16, 2025, 8:15 a.m. | 4 hours, 42 minutes ago
Description : Ericsson Packet Core Controller (PCC) contains a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 08:15:00 GMT

read more

CVE-2025-4756 - D-Link DI-7003GV2 Denial of Service Vulnerability in restart.asp

CVE ID : CVE-2025-4756
Published : May 16, 2025, 8:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been declared as problematic. This vulnerability affects unknown code of the file /H5/restart.asp. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 08:15:00 GMT

read more

CVE-2025-4757 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4757
Published : May 16, 2025, 8:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 08:15:00 GMT

read more

CVE-2025-4758 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4758
Published : May 16, 2025, 8:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Beauty Parlour Management System 1.1. Affected is an unknown function of the file /contact.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 08:15:00 GMT

read more

CVE-2025-4761 - PHPGurukul Complaint Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4761
Published : May 16, 2025, 8:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. This vulnerability affects unknown code of the file /admin/admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 08:15:00 GMT

read more

CVE-2024-8201 - Hitachi Ops Center Analyzer RAID Agent Cross-Site WebSocket Hijacking

CVE ID : CVE-2024-8201
Published : May 16, 2025, 7:15 a.m. | 5 hours, 42 minutes ago
Description : Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer (RAID Agent component).This issue affects Hitachi Ops Center Analyzer: from 10.8.0-00 before 11.0.4-00; Hitachi Ops Center Analyzer: from 10.9.0-00 before 11.0.4-00.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 07:15:00 GMT

read more

CVE-2025-1531 - Hitachi Ops Center Analyzer Viewpoint Authentication Credentials Leakage

CVE ID : CVE-2025-1531
Published : May 16, 2025, 7:15 a.m. | 5 hours, 42 minutes ago
Description : Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint.This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 07:15:00 GMT

read more

CVE-2025-3624 - Hitachi Ops Center Analyzer Missing Authorization Vulnerability

CVE ID : CVE-2025-3624
Published : May 16, 2025, 7:15 a.m. | 5 hours, 42 minutes ago
Description : Missing Authorization vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component).This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.4-00.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 07:15:00 GMT

read more

CVE-2025-4753 - D-Link DI-7003GV2 File Disclosure Vulnerability

CVE ID : CVE-2025-4753
Published : May 16, 2025, 7:15 a.m. | 5 hours, 42 minutes ago
Description : A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this issue is some unknown functionality of the file /login.data. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 07:15:00 GMT

read more

CVE-2025-4755 - D-Link DI-7003GV2 Authentication Bypass Vulnerability

CVE ID : CVE-2025-4755
Published : May 16, 2025, 7:15 a.m. | 5 hours, 42 minutes ago
Description : A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as critical. This affects the function sub_497DE4 of the file /H5/netconfig.asp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 07:15:00 GMT

read more

CVE-2025-4751 - D-Link DI-7003GV2 Information Disclosure Vulnerability

CVE ID : CVE-2025-4751
Published : May 16, 2025, 6:15 a.m. | 6 hours, 42 minutes ago
Description : A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-4752 - D-Link DI-7003GV2 Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-4752
Published : May 16, 2025, 6:15 a.m. | 6 hours, 42 minutes ago
Description : A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /install_base.data. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-1245 - Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer Bypass Connection Restriction Vulnerability

CVE ID : CVE-2025-1245
Published : May 16, 2025, 6:15 a.m. | 4 hours, 42 minutes ago
Description : Bypass Connection Restriction vulnerability in Hitachi Infrastructure Analytics Advisor (Data Center Analytics component), Hitachi Ops Center Analyzer  (Hitachi Ops Center Analyzer detail view component).This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.4-00.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-3201 - WordPress Contact Form Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3201
Published : May 16, 2025, 6:15 a.m. | 4 hours, 42 minutes ago
Description : The Contact Form builder with drag & drop for WordPress WordPress plugin before 2.4.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-3516 - WordPress Simple Lightbox Stored Cross-Site Scripting

CVE ID : CVE-2025-3516
Published : May 16, 2025, 6:15 a.m. | 4 hours, 42 minutes ago
Description : The Simple Lightbox WordPress plugin before 2.9.4 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-4750 - D-Link Configuration Handler Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-4750
Published : May 16, 2025, 6:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 06:15:00 GMT

read more

CVE-2025-4747 - NetDragon Firewall Command Injection Vulnerability

CVE ID : CVE-2025-4747
Published : May 16, 2025, 5:15 a.m. | 5 hours, 42 minutes ago
Description : A vulnerability was found in Bohua NetDragon Firewall 1.0 and classified as critical. This issue affects some unknown processing of the file /systemstatus/ip_status.php. The manipulation of the argument subnet leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-4749 - D-Link DI-7003GV2 Denial of Service Vulnerability

CVE ID : CVE-2025-4749
Published : May 16, 2025, 5:15 a.m. | 5 hours, 42 minutes ago
Description : A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-4759 - Lockfile Lint API Incorrect Behavior Order Vulnerability

CVE ID : CVE-2025-4759
Published : May 16, 2025, 5:15 a.m. | 5 hours, 42 minutes ago
Description : Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by extending the package name allowing an attacker to install other npm packages than the intended one.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-48174 - Avif Integer Overflow Buffer Overflow Vulnerability

CVE ID : CVE-2025-48174
Published : May 16, 2025, 5:15 a.m. | 3 hours, 41 minutes ago
Description : In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-48175 - Libavif Integer Overflow Vulnerability

CVE ID : CVE-2025-48175
Published : May 16, 2025, 5:15 a.m. | 3 hours, 41 minutes ago
Description : In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-4746 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4746
Published : May 16, 2025, 5:15 a.m. | 3 hours, 41 minutes ago
Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/purchase_delete.php. The manipulation of the argument pr_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 05:15:00 GMT

read more

CVE-2025-4743 - Code-projects Employee Record System SQL Injection Vulnerability

CVE ID : CVE-2025-4743
Published : May 16, 2025, 4:15 a.m. | 4 hours, 41 minutes ago
Description : A vulnerability classified as critical was found in code-projects Employee Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /dashboard/getData.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 04:15:00 GMT

read more

CVE-2025-4744 - Apache Employee Record System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4744
Published : May 16, 2025, 4:15 a.m. | 4 hours, 41 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in code-projects Employee Record System 1.0. Affected by this issue is some unknown functionality of the file dashboard\edit_employee.php. The manipulation of the argument employeed_id/first_name/middle_name/last_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 04:15:00 GMT

read more

CVE-2025-4745 - Apache Code-projects Employee Record System Cross-Site Scripting

CVE ID : CVE-2025-4745
Published : May 16, 2025, 4:15 a.m. | 4 hours, 41 minutes ago
Description : A vulnerability, which was classified as problematic, was found in code-projects Employee Record System 1.0. This affects an unknown part of the file current_employees.php. The manipulation of the argument employeed_id/first_name/middle_name/last_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 04:15:00 GMT

read more

CVE-2025-4741 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4741
Published : May 16, 2025, 4:15 a.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/purchase_add.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 04:15:00 GMT

read more

CVE-2025-4742 - XU-YIJIE Grpo-flat Python Deserialization Vulnerability

CVE ID : CVE-2025-4742
Published : May 16, 2025, 4:15 a.m. | 2 hours, 43 minutes ago
Description : A vulnerability classified as problematic has been found in XU-YIJIE grpo-flat up to 9024b43f091e2eb9bac65802b120c0b35f9ba856. Affected is the function main of the file grpo_vanilla.py. The manipulation leads to deserialization. Local access is required to approach this attack. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 04:15:00 GMT

read more

CVE-2025-4169 - WordPress Posts per Cat Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4169
Published : May 16, 2025, 3:15 a.m. | 3 hours, 43 minutes ago
Description : The Posts per Cat [Unmaintained plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ppc' shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 03:15:00 GMT

read more

CVE-2025-4739 - Projectworlds Hospital Database Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4739
Published : May 16, 2025, 3:15 a.m. | 3 hours, 43 minutes ago
Description : A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicines_info.php. The manipulation of the argument Med_ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 03:15:00 GMT

read more

CVE-2025-4740 - BeamCtrl Airiana Deserialization Vulnerability

CVE ID : CVE-2025-4740
Published : May 16, 2025, 3:15 a.m. | 3 hours, 43 minutes ago
Description : A vulnerability was found in BeamCtrl Airiana up to 11.0. It has been declared as problematic. This vulnerability affects unknown code of the file coef. The manipulation leads to deserialization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 03:15:00 GMT

read more

CVE-2025-4735 - Campcodes Sales and Inventory System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4735
Published : May 16, 2025, 2:15 a.m. | 4 hours, 43 minutes ago
Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/product.php. The manipulation of the argument Picture leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 02:15:00 GMT

read more

CVE-2025-4736 - PHPGurukul Daily Expense Tracker SQL Injection Vulnerability

CVE ID : CVE-2025-4736
Published : May 16, 2025, 2:15 a.m. | 4 hours, 43 minutes ago
Description : A vulnerability was found in PHPGurukul Daily Expense Tracker 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 02:15:00 GMT

read more

CVE-2025-4732 - TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-4732
Published : May 16, 2025, 1:15 a.m. | 5 hours, 43 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 01:15:00 GMT

read more

CVE-2025-4733 - TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4733
Published : May 16, 2025, 1:15 a.m. | 5 hours, 43 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 01:15:00 GMT

read more

CVE-2025-4734 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4734
Published : May 16, 2025, 1:15 a.m. | 5 hours, 43 minutes ago
Description : A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/ci_update.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 01:15:00 GMT

read more

CVE-2024-51475 - IBM Content Navigator HTML Injection Vulnerability

CVE ID : CVE-2024-51475
Published : May 16, 2025, 1:15 a.m. | 5 hours, 8 minutes ago
Description : IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 01:15:00 GMT

read more

CVE-2025-47809 - Wibu CodeMeter Privilege Escalation Vulnerability

CVE ID : CVE-2025-47809
Published : May 16, 2025, 1:15 a.m. | 5 hours, 8 minutes ago
Description : Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 01:15:00 GMT

read more

CVE-2025-47930 - Zulip Public Channel Creation Privilege Escalation Vulnerability

CVE ID : CVE-2025-47930
Published : May 16, 2025, 12:15 a.m. | 6 hours, 9 minutes ago
Description : Zulip is an open-source team chat application. Starting in version 10.0 and prior to version 10.3, the "Who can create public channels" access control mechanism can be circumvented by creating a private or web-public channel, and then changing the channel privacy to public. A similar technique works for creating private channels without permission, though such a process requires either the API or modifying the HTML, as we do mark the "private" radio button as disabled in such cases. Version 10.3 contains a patch.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 00:15:00 GMT

read more

CVE-2025-4729 - TOTOLINK A3002R/A3002RU Command Injection Vulnerability

CVE ID : CVE-2025-4729
Published : May 16, 2025, 12:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 00:15:00 GMT

read more

CVE-2025-4730 - TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4730
Published : May 16, 2025, 12:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 00:15:00 GMT

read more

CVE-2025-4731 - TOTOLINK HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4731
Published : May 16, 2025, 12:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 16 May 2025 00:15:00 GMT

read more

CVE-2025-0921 - Mitsubishi Electric GENESIS64/MC Works64 Symbolic Link Privilege Escalation Vulnerability

CVE ID : CVE-2025-0921
Published : May 15, 2025, 11:15 p.m. | 5 hours, 41 minutes ago
Description : Execution with Unnecessary Privileges vulnerability in the Pager agent of multi-agent notification feature in Mitsubishi Electric Iconics Digital Solutions GENESIS64 prior to 10.97.3, Mitsubishi Electric GENESIS64 all versions and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to make an unauthorized write to arbitrary files, by creating a symbolic link from a file used as a write destination by the services of the affected products to a target file. This could allow the attacker to destroy the file on a PC with the affected products installed, resulting in a denial-of-service (DoS) condition on the PC if the destroyed file is necessary for the operation of the PC.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 23:15:00 GMT

read more

CVE-2025-4209 - "Apache HTTP Server Command Injection Vulnerability"

CVE ID : CVE-2025-4209
Published : May 15, 2025, 11:15 p.m. | 5 hours, 41 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 23:15:00 GMT

read more

CVE-2025-4726 - iSourcecode Placement Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4726
Published : May 15, 2025, 11:15 p.m. | 5 hours, 41 minutes ago
Description : A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view_student.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 23:15:00 GMT

read more

CVE-2025-4727 - Meteor DDP-Server Regular Expression Complexity Remote Vulnerability

CVE ID : CVE-2025-4727
Published : May 15, 2025, 11:15 p.m. | 5 hours, 41 minutes ago
Description : A vulnerability was found in Meteor up to 3.2.1 and classified as problematic. This issue affects the function Object.assign of the file packages/ddp-server/livedata_server.js. The manipulation of the argument forwardedFor leads to inefficient regular expression complexity. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.2 is able to address this issue. The identifier of the patch is f7ea6817b90952baaea9baace2a3b4366fee6a63. It is recommended to upgrade the affected component.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 23:15:00 GMT

read more

CVE-2025-4728 - SourceCodester Best Online News Portal SQL Injection

CVE ID : CVE-2025-4728
Published : May 15, 2025, 11:15 p.m. | 5 hours, 41 minutes ago
Description : A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /search.php. The manipulation of the argument searchtitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 23:15:00 GMT

read more

CVE-2025-4725 - iSourcecode Placement Management System SQL Injection

CVE ID : CVE-2025-4725
Published : May 15, 2025, 10:15 p.m. | 6 hours, 41 minutes ago
Description : A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. This affects an unknown part of the file /view_drive.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-47275 - Auth0-PHP Session Cookie Brute Force

CVE ID : CVE-2025-47275
Published : May 15, 2025, 10:15 p.m. | 4 hours, 43 minutes ago
Description : Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Certain pre-conditions are required to be vulnerable to this issue: Applications using the Auth0-PHP SDK, or the Auth0/symfony, Auth0/laravel-auth0, and Auth0/wordpress SDKs that rely on the Auth0-PHP SDK; and session storage configured with CookieStore. Upgrade Auth0/Auth0-PHP to v8.14.0 to receive a patch. As an additional precautionary measure, rotating cookie encryption keys is recommended. Note that once updated, any previous session cookies will be rejected.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-47287 - Tornado Multipart Form Data Denial of Service Vulnerability

CVE ID : CVE-2025-47287
Published : May 15, 2025, 10:15 p.m. | 4 hours, 43 minutes ago
Description : Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-4722 - iSourcecode Placement Management System SQL Injection

CVE ID : CVE-2025-4722
Published : May 15, 2025, 10:15 p.m. | 4 hours, 43 minutes ago
Description : A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /edit_profile.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-4723 - iSourcecode Placement Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4723
Published : May 15, 2025, 10:15 p.m. | 4 hours, 43 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /all_student.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-4724 - iSourcecode Placement Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4724
Published : May 15, 2025, 10:15 p.m. | 4 hours, 43 minutes ago
Description : A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /student_profile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 22:15:00 GMT

read more

CVE-2025-4719 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4719
Published : May 15, 2025, 9:15 p.m. | 5 hours, 43 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/cash_transaction.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-4720 - SourceCodester Student Result Management System Remote Path Traversal Vulnerability

CVE ID : CVE-2025-4720
Published : May 15, 2025, 9:15 p.m. | 5 hours, 43 minutes ago
Description : A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-4721 - iSourcecode Placement Management System SQL Injection

CVE ID : CVE-2025-4721
Published : May 15, 2025, 9:15 p.m. | 5 hours, 43 minutes ago
Description : A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /drive.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-47929 - DumbDrop DOM Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-47929
Published : May 15, 2025, 9:15 p.m. | 5 hours, 8 minutes ago
Description : DumbDrop, a file upload application that provides an interface for dragging and dropping files, has a DOM cross-site scripting vulnerability in the upload functionality prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b. A user could be tricked into uploading a file with a malicious payload. Commit db27b25372eb9071e63583d8faed2111a2b79f1b fixes the vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-4718 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4718
Published : May 15, 2025, 9:15 p.m. | 5 hours, 8 minutes ago
Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/customer_add.php. The manipulation of the argument last leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-1138 - IBM InfoSphere Information Server Directory Traversal Vulnerability

CVE ID : CVE-2025-1138
Published : May 15, 2025, 9:15 p.m. | 3 hours, 35 minutes ago
Description : IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 21:15:00 GMT

read more

CVE-2025-47928 - Spotify/Github Spotipy Untrusted Code Execution Vulnerability

CVE ID : CVE-2025-47928
Published : May 15, 2025, 8:16 p.m. | 4 hours, 34 minutes ago
Description : Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using `pull_request_target` on `.github/workflows/integration_tests.yml` followed by the checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be executed having full access to secrets (from the base repo). By exploiting the vulnerability is possible to exfiltrate `GITHUB_TOKEN` and secrets `SPOTIPY_CLIENT_ID`, `SPOTIPY_CLIENT_SECRET`. In particular `GITHUB_TOKEN` which can be used to completely overtake the repo since the token has content write privileges. The `pull_request_target` in GitHub Actions is a major security concern—especially in public repositories—because it executes untrusted code from a PR, but with the context of the base repository, including access to its secrets. Commit 9dfb7177b8d7bb98a5a6014f8e6436812a47576f reverted the change that caused the issue.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-4715 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4715
Published : May 15, 2025, 8:16 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /pages/view_application.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-4716 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4716
Published : May 15, 2025, 8:16 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/credit_transaction_add.php. The manipulation of the argument prod_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-4717 - PHPGurukul Company Visitor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4717
Published : May 15, 2025, 8:16 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /visitors-form.php. The manipulation of the argument fullname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-2248 - "WordPress WP-PManager SQL Injection Vulnerability"

CVE ID : CVE-2025-2248
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-46834 - Alchemy's Modular Account Allowlist Bypass Vulnerability (Authorization Issue)

CVE ID : CVE-2025-46834
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys (scoped external keys) to external parties and would use the allowlist module to restrict which external contracts can be accessed by the session key. There is a bug in the allowlist module in that we don't check for the `executeUserOp` -> `execute` or `executeBatch` path, effectively allowing any session key to bypass any access control restrictions set on the session key. Session keys are able to access ERC20 and ERC721 token contracts amongst others, transferring all tokens from the account out andonfigure the permissions on external modules on session keys. They would be able to remove all restrictions set on themselves this way, or rotate the keys of other keys with higher privileges into keys that they control. Commit 5e6f540d249afcaeaf76ab95517d0359fde883b0 fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47161 - Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

CVE ID : CVE-2025-47161
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Microsoft Defender for Endpoint Elevation of Privilege Vulnerability
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47784 - Emlog Deserialization Vulnerability

CVE ID : CVE-2025-47784
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Emlog is an open source website building system. Versions 2.5.13 and prior have a deserialization vulnerability. A user who creates a carefully crafted nickname can cause `str_replace` to replace the value of `name_orig` with empty, causing deserialization to fail and return `false`. Commit 9643250802188b791419e3c2188577073256a8a2 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47785 - Emlog SQL Injection and Remote Code Execution

CVE ID : CVE-2025-47785
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Emlog is an open source website building system. In versions up to and including 2.5.9, SQL injection occurs because the $origContent parameter in admin/article_save.php is not strictly filtered. Since admin/article_save.php can be accessed by ordinary registered users, this will cause SQL injection to occur when the registered site is enabled, resulting in the injection of the admin account and password, which is then exploited by the backend remote code execution. As of time of publication, it is unknown whether a fix exists.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47786 - Emlog Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-47786
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Emlog is an open source website building system. Version 2.5.13 has a stored cross-site scripting vulnerability that allows any registered user to construct malicious JavaScript, inducing all website users to click. In `/admin/comment.php`, the parameter `perpage_num` is not validated and is directly stored in the `admin_commend_perpage_num` field of the `emlog_options` table in the database. Moreover, the output is not filtered, resulting in the direct output of malicious code. As of time of publication, it is unclear if a patch exists.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47787 - Emlog Pro Remote Code Execution Vulnerability

CVE ID : CVE-2025-47787
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Emlog is an open source website building system. Emlog Pro prior to version 2.5.10 contains a file upload vulnerability. The store.php component contains a critical security flaw where it fails to properly validate the contents of remotely downloaded ZIP plugin files. This insufficient validation allows attackers to execute arbitrary code on the vulnerable system. Version 2.5.10 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47788 - Atheos File Traversal Vulnerability

CVE ID : CVE-2025-47788
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the `$target` parameter in `/controller.php` was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-47789 - Horilla Phishing Redirect Vulnerability

CVE ID : CVE-2025-47789
Published : May 15, 2025, 8:16 p.m. | 2 hours, 40 minutes ago
Description : Horilla is a free and open source Human Resource Management System (HRMS). In versions up to and including 1.3, an attacker can craft a Horilla URL that refers to an external domain. Upon clicking and logging in, the user is redirected to an external domain. This allows the redirection to any arbitrary site, including phishing or malicious domains, which can be used to impersonate Horilla and trick users. Commit 1c72404df6888bb23af73c767fdaee5e6679ebd6 fixes the issue.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2024-9882 - Salon Booking System Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-9882
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-0329 - WordPress AI ChatBot Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-0329
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-0687 - "WordPress Spiritual Gifts Survey Reflected Cross-Site Scripting"

CVE ID : CVE-2025-0687
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-0688 - Spiritual Gifts Survey WordPress Reflected Cross-Site Scripting

CVE ID : CVE-2025-0688
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1033 - Badgearoo WordPress Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-1033
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Badgearoo WordPress plugin through 1.0.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1286 - WordPress TinyMCE Button Reflected Cross-Site Scripting

CVE ID : CVE-2025-1286
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Download HTML TinyMCE Button WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1288 - WOOEXIM WordPress CSRF Reflected XSS

CVE ID : CVE-2025-1288
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unauthenticated user vulnerable to reflected XSS via a CSRF attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1289 - WordPress Oficial Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1289
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1303 - WordPress Plugin Oficial Reflected Cross-Site Scripting

CVE ID : CVE-2025-1303
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Plugin Oficial WordPress plugin through 1.7.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-1454 - Ninja Pages Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1454
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The Ninja Pages WordPress plugin through 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-2203 - FunnelKit WordPress SQL Injection Vulnerability

CVE ID : CVE-2025-2203
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The FunnelKit WordPress plugin before 3.10.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-2247 - WordPress WP-PManager CSRF

CVE ID : CVE-2025-2247
Published : May 15, 2025, 8:16 p.m. | 40 minutes ago
Description : The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 20:16:00 GMT

read more

CVE-2025-43853 - "WAMR Symlink Following Vulnerability"

CVE ID : CVE-2025-43853
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. Anyone running WAMR up to and including version 2.2.0 or WAMR built with libc-uvwasi on Windows is affected by a symlink following vulnerability. On WAMR running in Windows, creating a symlink pointing outside of the preopened directory and subsequently opening it with create flag will create a file on host outside of the sandbox. If the symlink points to an existing host file, it's also possible to open it and read its content. Version 2.3.0 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-44110 - FluxBB Cross-Site Scripting (XSS) in Forum Description Field

CVE ID : CVE-2025-44110
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in via the Forum Description Field in admin_forums.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-47279 - Undici SSL Certificate Invalid Memory Leak

CVE ID : CVE-2025-47279
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server with an invalid certificate, and they can force the application to call the webhook repeatedly, then they can cause a memory leak. This has been patched in versions 5.29.0, 6.21.2, and 7.5.0. As a workaound, avoid calling a webhook repeatedly if the webhook fails.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-47285 - Vyper Ethereum Virtual Machine Side-Effect Evaluation Vulnerability

CVE ID : CVE-2025-47285
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, `concat()` may skip evaluation of side effects when the length of an argument is zero. This is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is zero. In practice, it would be very unusual in user code to construct zero-length bytestrings using an expression with side-effects, since zero-length bytestrings are typically constructed with the empty literal `b""`; the only way to construct an empty bytestring which has side effects would be with the ternary operator introduced in v0.3.8, e.g. `b"" if self.do_some_side_effect() else b""`. The fix is available in pull request 4644 and expected to be part of the 0.4.2 release. As a workaround, don't have side effects in expressions which construct zero-length bytestrings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-47774 - Vyper Uninitialized Side Effect Elision in Slice Builtin

CVE ID : CVE-2025-47774
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the `slice()` builtin can elide side effects when the output length is 0, and the source bytestring is a builtin (`msg.data` or `

.code`). The reason is that for these source locations, the check that `length >= 1` is skipped. The result is that a 0-length bytestring constructed with slice can be passed to `make_byte_array_copier`, which elides evaluation of its source argument when the max length is 0. The impact is that side effects in the `start` argument may be elided when the `length` argument is 0, e.g. `slice(msg.data, self.do_side_effect(), 0)`. The fix in pull request 4645 disallows any invocation of `slice()` with length 0, including for the ad hoc locations discussed in this advisory. The fix is expected to be part of version 0.4.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-4709 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4709
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/transaction_del.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-4710 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4710
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Campcodes Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /pages/transaction.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-4711 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4711
Published : May 15, 2025, 6:15 p.m. | 43 minutes ago
Description : A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/stockin_add.php. The manipulation of the argument prod_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 18:15:00 GMT

read more

CVE-2025-1647 - Bootstrap Cross-Site Scripting (XSS)

CVE ID : CVE-2025-1647
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS).This issue affects Bootstrap: from 3.4.1 before 4.0.0.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-30417 - NI Circuit Design Suite Base64 Decode Memory Corruption Vulnerability

CVE ID : CVE-2025-30417
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : There is a memory corruption vulnerability due to an out of bounds write in Library!DecodeBase64() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-30418 - NI Circuit Design Suite SymbolEditor Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-30418
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : There is a memory corruption vulnerability due to an out of bounds write in CheckPins() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-30419 - NI Circuit Design Suite SymbolEditor Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-30419
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-30420 - NI Circuit Design Suite Bitmap Out-of-Bounds Read Memory Corruption Vulnerability

CVE ID : CVE-2025-30420
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : There is a memory corruption vulnerability due to an out of bounds read in Bitmap::InternalDraw() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-30421 - NI Circuit Design Suite Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-30421
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite.  This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-47580 - Rustaurius Front End Users Missing Authorization Vulnerability

CVE ID : CVE-2025-47580
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : Missing Authorization vulnerability in Rustaurius Front End Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through 3.2.32.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-4706 - Projectworlds Online Examination System SQL Injection Vulnerability

CVE ID : CVE-2025-4706
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-4707 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4707
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/transaction_add.php. The manipulation of the argument prod_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-4708 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4708
Published : May 15, 2025, 5:15 p.m. | 1 hour, 43 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/sales_add.php. The manipulation of the argument discount leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 17:15:00 GMT

read more

CVE-2025-2570 - Mattermost System Console System Manager Access Bypass

CVE ID : CVE-2025-2570
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : Mattermost versions 10.5.x <= 10.5.3, 9.11.x <= 9.11.11 fail to check `RestrictSystemAdmin` setting if user doesn't have access to `ExperimentalSettings` which allows a System Manager to access `ExperimentSettings` when `RestrictSystemAdmin` is true via System Console.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-3440 - IBM Security Guardium Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3440
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : IBM Security Guardium 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-48050 - Apache DOMPurify Directory Traversal

CVE ID : CVE-2025-48050
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-48051 - Lila Lichess DOM XSS

CVE ID : CVE-2025-48051
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some applications because of an innerHTML usage pattern in which text is extracted from a DOM node and interpreted as HTML.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-4703 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4703
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-4704 - PHPGurukul Vehicle Parking Management System SQL Injection

CVE ID : CVE-2025-4704
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-category.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-4705 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4705
Published : May 15, 2025, 4:15 p.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /admin/view-incomingvehicle-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2024-52877 - InsydeH2O VariableRuntimeDxe Buffer Over-Read

CVE ID : CVE-2024-52877
Published : May 15, 2025, 4:15 p.m. | 43 minutes ago
Description : An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2024-52878 - InsydeH2O VariableRuntimeDxe Buffer Over-Read Vulnerability

CVE ID : CVE-2024-52878
Published : May 15, 2025, 4:15 p.m. | 43 minutes ago
Description : An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, VariableServicesSetVariable () can be called by gRT_>SetVariable () or the SmmSetSensitiveVariable () or SmmInternalSetVariable () from SMM. In VariableServicesSetVariable (), it uses StrSize () to get variable name size, uses StrLen () to get variable name length and uses StrCmp () to compare strings. These actions may cause a buffer over-read.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2024-52879 - InsydeH2O VariableRuntimeDxe Buffer Over-Read Vulnerability

CVE ID : CVE-2024-52879
Published : May 15, 2025, 4:15 p.m. | 43 minutes ago
Description : An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SmmUpdateVariablePropertySmi () is a SMM callback function and it uses StrCmp () to compare variable names. This action may cause a buffer over-read.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2024-52880 - InsydeH2O VariableRuntimeDxe Buffer Overflow Vulnerability

CVE ID : CVE-2024-52880
Published : May 15, 2025, 4:15 p.m. | 43 minutes ago
Description : An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SecureBootHandler uses DataSize and VariableNameSize when determining if the data or name are in the buffer, but these are supplied by the caller and therefore cannot be trusted.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-2527 - Mattermost Permission Verification Vulnerability

CVE ID : CVE-2025-2527
Published : May 15, 2025, 4:15 p.m. | 43 minutes ago
Description : Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 16:15:00 GMT

read more

CVE-2025-44185 - SourceCodester Best Employee Management System CSRF Vulnerability

CVE ID : CVE-2025-44185
Published : May 15, 2025, 3:16 p.m. | 1 hour, 42 minutes ago
Description : SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the password parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 15:16:00 GMT

read more

CVE-2025-46053 - WebERP SQL Injection

CVE ID : CVE-2025-46053
Published : May 15, 2025, 3:16 p.m. | 1 hour, 42 minutes ago
Description : A SQL Injection vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL commands and extract sensitive data by injecting a crafted payload into the ReportID and ReplaceReportID parameters within a POST request to /reportwriter/admin/ReportCreator.php
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 15:16:00 GMT

read more

CVE-2025-4701 - VITA-MLLM Freeze-Omni Deserialization Vulnerability

CVE ID : CVE-2025-4701
Published : May 15, 2025, 3:16 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 15:16:00 GMT

read more

CVE-2025-4702 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4702
Published : May 15, 2025, 3:16 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/add-category.php. The manipulation of the argument catename leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 15:16:00 GMT

read more

CVE-2025-44180 - PhpGurukul Vehicle Record Management System XSS

CVE ID : CVE-2025-44180
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit-brand.php?bid={brandId}.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-44181 - "PhpGurukul Vehicle Record Management System Cross Site Scripting Vulnerability"

CVE ID : CVE-2025-44181
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/add-brand.php via the brandname parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-44182 - "PhpGurukul Vehicle Record Management System Cross Site Scripting (XSS)"

CVE ID : CVE-2025-44182
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the vehiclename, modelnumber, regnumber, vehiclesubtype, chasisnum, enginenumber' in the /admin/edit-vehicle.php component. This allows attackers to execute arbitrary code.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-44183 - PhpGurukul Vehicle Record Management System XSS

CVE ID : CVE-2025-44183
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the name, email, and mobile parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-46052 - WebERP SQL Injection

CVE ID : CVE-2025-46052
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-4516 - CPython Bytes Decode Unicode Escape Vulnerability

CVE ID : CVE-2025-4516
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-4698 - PHPGurukul Directory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4698
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/forget-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-4699 - PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4699
Published : May 15, 2025, 2:15 p.m. | 2 hours, 43 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Apartment Visitors Management System 1.0. This vulnerability affects unknown code of the file /admin/visitors-form.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 14:15:00 GMT

read more

CVE-2025-4697 - PHPGurukul Directory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4697
Published : May 15, 2025, 1:16 p.m. | 3 hours, 42 minutes ago
Description : A vulnerability was found in PHPGurukul Directory Management System 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/edit-directory.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 13:16:00 GMT

read more

CVE-2025-4695 - PHPGurukul Cyber Cafe Management System SQL Injection

CVE ID : CVE-2025-4695
Published : May 15, 2025, 1:16 p.m. | 2 hours ago
Description : A vulnerability was found in PHPGurukul Cyber Cafe Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add-users.php. The manipulation of the argument uadd leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 13:16:00 GMT

read more

CVE-2025-4696 - PHPGurukul Cyber Cafe Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4696
Published : May 15, 2025, 1:16 p.m. | 2 hours ago
Description : A vulnerability was found in PHPGurukul Cyber Cafe Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 13:16:00 GMT

read more

CVE-2025-4564 - TicketBAI Facturas para WooCommerce File Deletion Vulnerability (Arbitrary File Deletion)

CVE ID : CVE-2025-4564
Published : May 15, 2025, 12:15 p.m. | 3 hours, 2 minutes ago
Description : The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 12:15:00 GMT

read more

CVE-2025-4762 - eSigna eSignaViewer IDOR

CVE ID : CVE-2025-4762
Published : May 15, 2025, 12:15 p.m. | 3 hours, 2 minutes ago
Description : Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipulation of file paths and object identifiers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 12:15:00 GMT

read more

CVE-2025-31947 - Mattermost LDAP Account Lock Bypass Vulnerability

CVE ID : CVE-2025-31947
Published : May 15, 2025, 11:15 a.m. | 4 hours, 1 minute ago
Description : Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following repeated login failures, which allows attackers to lock external LDAP accounts through repeated login failures through Mattermost.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 11:15:00 GMT

read more

CVE-2025-3446 - Mattermost Permission Bypass Vulnerability

CVE ID : CVE-2025-3446
Published : May 15, 2025, 11:15 a.m. | 4 hours, 1 minute ago
Description : Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 11:15:00 GMT

read more

CVE-2025-32002 - I-O DATA HDL-T Series OS Command Injection

CVE ID : CVE-2025-32002
Published : May 15, 2025, 9:15 a.m. | 6 hours, 2 minutes ago
Description : Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier when 'Remote Link3 function' is enabled. If exploited, a remote unauthenticated attacker may execute an arbitrary OS command.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 09:15:00 GMT

read more

CVE-2025-32738 - IO DATA HDL-T Series Authentication Bypass

CVE ID : CVE-2025-32738
Published : May 15, 2025, 9:15 a.m. | 6 hours, 2 minutes ago
Description : Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier. If exploited, a remote unauthenticated attacker may change the product settings.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 09:15:00 GMT

read more

CVE-2025-4737 - Vivo Voice Assistant SSL/TLS Weakness

CVE ID : CVE-2025-4737
Published : May 15, 2025, 8:15 a.m. | 7 hours, 2 minutes ago
Description : Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 08:15:00 GMT

read more

CVE-2025-27523 - Hitachi JP1/IT Desktop Management 2 - Smart Device Manager XXE Injection Vulnerability

CVE ID : CVE-2025-27523
Published : May 15, 2025, 7:15 a.m. | 8 hours, 1 minute ago
Description : XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 07:15:00 GMT

read more

CVE-2025-27524 - Hitachi JP1/IT Desktop Management 2 - Smart Device Manager Weak Encryption Vulnerability

CVE ID : CVE-2025-27524
Published : May 15, 2025, 7:15 a.m. | 8 hours, 1 minute ago
Description : Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 07:15:00 GMT

read more

CVE-2025-27525 - Hitachi JP1/IT Desktop Management 2 - Smart Device Manager Windows Information Exposure Vulnerability

CVE ID : CVE-2025-27525
Published : May 15, 2025, 7:15 a.m. | 8 hours, 1 minute ago
Description : Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 07:15:00 GMT

read more

CVE-2024-13914 - "WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability"

CVE ID : CVE-2024-13914
Published : May 15, 2025, 6:15 a.m. | 9 hours, 1 minute ago
Description : The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.4 (file-manager-advanced-shortcode) and 2.5.6 (advanced-file-manager-pro-premium), via the 'file_manager_advanced' shortcode. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary JavaScript files on the server. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. Sites currently using 2.5.4 (file-manager-advanced-shortcode) should be updated to 2.6.0 (advanced-file-manager-pro-premium).
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 06:15:00 GMT

read more

CVE-2025-3742 - WordPress Responsive Lightbox Gallery Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3742
Published : May 15, 2025, 6:15 a.m. | 9 hours, 1 minute ago
Description : The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 06:15:00 GMT

read more

CVE-2025-48027 - pGina HttpAuth DNS Rebinding Vulnerability

CVE ID : CVE-2025-48027
Published : May 15, 2025, 6:15 a.m. | 9 hours, 1 minute ago
Description : The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary controls DNS resolution for pginaloginserver.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 06:15:00 GMT

read more

CVE-2025-48024 - BlueWave Checkmate Sensitive Data Disclosure

CVE ID : CVE-2025-48024
Published : May 15, 2025, 5:15 a.m. | 10 hours, 1 minute ago
Description : In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 05:15:00 GMT

read more

CVE-2025-3053 - "UiPress Lite WordPress Remote Code Execution Vulnerability"

CVE ID : CVE-2025-3053
Published : May 15, 2025, 5:15 a.m. | 7 hours, 40 minutes ago
Description : The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function. This is due to the function taking user supplied inputs to execute arbitrary functions with arbitrary data, and does not have any sort of capability check. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary code on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 05:15:00 GMT

read more

CVE-2025-3917 - "Baidu Station SEO Plugin Arbitrary File Upload Vulnerability"

CVE ID : CVE-2025-3917
Published : May 15, 2025, 4:16 a.m. | 8 hours, 40 minutes ago
Description : The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 04:16:00 GMT

read more

CVE-2025-4126 - WordPress EG-Series Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4126
Published : May 15, 2025, 4:16 a.m. | 8 hours, 39 minutes ago
Description : The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [series] shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes in the shortcode_title function. This makes it possible for authenticated attackers - with contributor-level access and above, on sites with the Classic Editor plugin activated - to inject arbitrary JavaScript code in the titletag attribute that will execute whenever a user access an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 04:16:00 GMT

read more

CVE-2025-4589 - WordPress Bon Toolkit Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4589
Published : May 15, 2025, 4:16 a.m. | 8 hours, 39 minutes ago
Description : The Bon Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bt-map' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 04:16:00 GMT

read more

CVE-2025-4591 - Weluka Lite Stored Cross-Site Scripting Vulnerability in WordPress

CVE ID : CVE-2025-4591
Published : May 15, 2025, 4:16 a.m. | 8 hours, 39 minutes ago
Description : The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'weluka-map' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 04:16:00 GMT

read more

CVE-2025-4579 - WordPress Content Security Plugin Stored Cross-Site Scripting

CVE ID : CVE-2025-4579
Published : May 15, 2025, 2:15 a.m. | 10 hours, 40 minutes ago
Description : The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 15 May 2025 02:15:00 GMT

read more

CVE-2024-45067 - Intel Gaudi Privilege Escalation

CVE ID : CVE-2024-45067
Published : May 14, 2025, 11:15 p.m. | 13 hours, 40 minutes ago
Description : Incorrect default permissions in some Intel(R) Gaudi(R) software installers before version 1.18 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 23:15:00 GMT

read more

CVE-2025-32421 - Next.js Race Condition Page Prop Exposure

CVE ID : CVE-2025-32421
Published : May 14, 2025, 11:15 p.m. | 13 hours, 40 minutes ago
Description : Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This issue only affects the Pages Router under certain misconfigurations, causing normal endpoints to serve `pageProps` data instead of standard HTML. This issue was patched in versions 15.1.6 and 14.2.24 by stripping the `x-now-route-matches` header from incoming requests. Applications hosted on Vercel's platform are not affected by this issue, as the platform does not cache responses based solely on `200 OK` status without explicit `cache-control` headers. Those who self-host Next.js deployments and are unable to upgrade immediately can mitigate this vulnerability by stripping the `x-now-route-matches` header from all incoming requests at the content development network and setting `cache-control: no-store` for all responses under risk. The maintainers of Next.js strongly recommend only caching responses with explicit cache-control headers.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 23:15:00 GMT

read more

CVE-2025-46836 - Net-tools Unvalidated Stack Buffer Overflow

CVE ID : CVE-2025-46836
Published : May 14, 2025, 11:15 p.m. | 13 hours, 40 minutes ago
Description : net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 23:15:00 GMT

read more

CVE-2025-47783 - Label Studio Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47783
Published : May 14, 2025, 11:15 p.m. | 13 hours, 40 minutes ago
Description : Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious script into the context of a web page, which can lead to data theft, session hijacking, unauthorized actions on behalf of the user, and other attacks. The vulnerability is reproducible when sending a properly formatted request to the `POST /projects/upload-example/` endpoint. In the source code, the vulnerability is located at `label_studio/projects/views.py`. Version 1.18.0 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 23:15:00 GMT

read more

CVE-2025-29691 - OA System XSS

CVE ID : CVE-2025-29691
Published : May 14, 2025, 10:15 p.m. | 14 hours, 40 minutes ago
Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 22:15:00 GMT

read more

CVE-2025-29686 - OA System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-29686
Published : May 14, 2025, 10:15 p.m. | 12 hours, 40 minutes ago
Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 22:15:00 GMT

read more

CVE-2025-29688 - "OA System XSS Vulnerability"

CVE ID : CVE-2025-29688
Published : May 14, 2025, 10:15 p.m. | 12 hours, 40 minutes ago
Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 22:15:00 GMT

read more

CVE-2025-29689 - OA System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-29689
Published : May 14, 2025, 10:15 p.m. | 12 hours, 40 minutes ago
Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the password parameter at /mail/MailController.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 22:15:00 GMT

read more

CVE-2025-29690 - OA System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-29690
Published : May 14, 2025, 10:15 p.m. | 12 hours, 40 minutes ago
Description : A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 22:15:00 GMT

read more

CVE-2025-47888 - Jenkins DingTalk Plugin SSL/TLS Certificate Validation Bypass Vulnerability

CVE ID : CVE-2025-47888
Published : May 14, 2025, 9:15 p.m. | 11 hours, 39 minutes ago
Description : Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-47889 - Jenkins WSO2 Oauth Plugin Authentication Bypass Vulnerability

CVE ID : CVE-2025-47889
Published : May 14, 2025, 9:15 p.m. | 11 hours, 39 minutes ago
Description : In Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, allowing unauthenticated attackers to log in to controllers using this security realm using any username and any password, including usernames that do not exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-47884 - Jenkins OpenID Connect Provider Plugin Authentication Bypass

CVE ID : CVE-2025-47884
Published : May 14, 2025, 9:15 p.m. | 9 hours, 39 minutes ago
Description : In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a trusted job, potentially gaining unauthorized access to external services.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-47885 - CloudBees Jenkins Health Advisor XSS

CVE ID : CVE-2025-47885
Published : May 14, 2025, 9:15 p.m. | 9 hours, 39 minutes ago
Description : Jenkins Health Advisor by CloudBees Plugin 374.v194b_d4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-47886 - Jenkins Cadence vManager Plugin CSRF Vulnerability

CVE ID : CVE-2025-47886
Published : May 14, 2025, 9:15 p.m. | 9 hours, 39 minutes ago
Description : A cross-site request forgery (CSRF) vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a_740b_a_48 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-47887 - Jenkins Cadence vManager Plugin Unauthenticated Remote Code Execution

CVE ID : CVE-2025-47887
Published : May 14, 2025, 9:15 p.m. | 9 hours, 39 minutes ago
Description : Missing permission checks in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a_740b_a_48 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2024-56427 - Samsung Exynos Modem RRC Packet Out-of-Bounds Access Vulnerability

CVE ID : CVE-2024-56427
Published : May 14, 2025, 9:15 p.m. | 7 hours, 38 minutes ago
Description : An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the target.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-26783 - Samsung Mobile Processor, Wearable Processor, and Modem Exynos RRC Denial of Service Vulnerability

CVE ID : CVE-2025-26783
Published : May 14, 2025, 9:15 p.m. | 7 hours, 38 minutes ago
Description : An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-27891 - Samsung Exynos Modem NAS Packet Length Check Vulnerability

CVE ID : CVE-2025-27891
Published : May 14, 2025, 9:15 p.m. | 7 hours, 38 minutes ago
Description : An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-44024 - Pichome XSS

CVE ID : CVE-2025-44024
Published : May 14, 2025, 9:15 p.m. | 7 hours, 38 minutes ago
Description : Cross-Site Scripting (XSS) vulnerability was discovered in the Pichome system v2.1.0 and before. The vulnerability exists due to insufficient sanitization of user input in the login form. An attacker can inject malicious JavaScript code into the username or password fields during the login process
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2025-44879 - WS-WN572HP3 CGI Upload Buffer Overflow DoS

CVE ID : CVE-2025-44879
Published : May 14, 2025, 9:15 p.m. | 7 hours, 38 minutes ago
Description : WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2024-55569 - Samsung Exynos Out-of-Bounds Write Vulnerability

CVE ID : CVE-2024-55569
Published : May 14, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds writes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 21:15:00 GMT

read more

CVE-2024-58101 - Samsung Galaxy Buds Audio Devices Bluetooth Pairing Remote Takeover Vulnerability

CVE ID : CVE-2024-58101
Published : May 14, 2025, 8:15 p.m. | 8 hours, 8 minutes ago
Description : Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity vulnerability by the vendor.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 20:15:00 GMT

read more

CVE-2025-25370 - Realme GT 2 Information Disclosure

CVE ID : CVE-2025-25370
Published : May 14, 2025, 8:15 p.m. | 8 hours, 8 minutes ago
Description : An issue in realme GT 2 (RMX3311) running Android 14 with realme UI 5.0 allows a physically proximate attacker to obtain sensitive information via the show app only setting function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 20:15:00 GMT

read more

CVE-2025-32363 - mediDOK Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-32363
Published : May 14, 2025, 8:15 p.m. | 8 hours, 8 minutes ago
Description : mediDOK before 2.5.18.43 allows remote attackers to achieve remote code execution on a target system via deserialization of untrusted data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 20:15:00 GMT

read more

CVE-2024-57096 - WPS Office Information Disclosure Vulnerability

CVE ID : CVE-2024-57096
Published : May 14, 2025, 8:15 p.m. | 4 hours, 39 minutes ago
Description : An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 20:15:00 GMT

read more

CVE-2024-45516 - Zimbra Collaboration Classic UI Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-45516
Published : May 14, 2025, 8:15 p.m. | 2 hours, 43 minutes ago
Description : An issue was discovered in Zimbra Collaboration (ZCS) 9.0.0 before Patch 43, 10.0.x before 10.0.12, 10.1.x before 10.1.4, and 8.8.15 before Patch 47. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the victim's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, including malformed tags with embedded JavaScript. The vulnerability is triggered when the victim views a specially crafted email in the Classic UI, causing the malicious script to execute. No further user interaction is required beyond viewing the email.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 20:15:00 GMT

read more

CVE-2025-33104 - IBM WebSphere Application Server Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-33104
Published : May 14, 2025, 7:15 p.m. | 3 hours, 42 minutes ago
Description : IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-4640 - "PCL Zlib Out-of-bounds Write Overflow"

CVE ID : CVE-2025-4640
Published : May 14, 2025, 7:15 p.m. | 3 hours, 42 minutes ago
Description : Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-4641 - Bonigarcia WebDriverManager XML External Entity Reference Vulnerability

CVE ID : CVE-2025-4641
Published : May 14, 2025, 7:15 p.m. | 3 hours, 42 minutes ago
Description : Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java. This issue affects webdrivermanager: from 1.0.0 before 6.0.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0131 - Palo Alto Networks GlobalProtect MetaDefender Endpoint Security SDK Privilege Escalation Vulnerability

CVE ID : CVE-2025-0131
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0132 - Palo Alto Networks Cortex XDR Broker VM Authentication Bypass

CVE ID : CVE-2025-0132
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.  The attacker must have network access to the Broker VM to exploit this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0133 - "Palo Alto Networks PAN-OS GlobalProtect Reflected Cross-Site Scripting (XSS) Vulnerability"

CVE ID : CVE-2025-0133
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN. There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal. For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0134 - Palo Alto Networks Cortex XDR Broker VM Code Injection Root Privilege Escalation

CVE ID : CVE-2025-0134
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0135 - Palo Alto Networks GlobalProtect App Privilege Escalation Vulnerability

CVE ID : CVE-2025-0135
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0136 - Palo Alto Networks PAN-OS Unencrypted Data Transfer via AES-128-CCM IPSec Vulnerability

CVE ID : CVE-2025-0136
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Cloud NGFWs, Prisma® Access instances, or PAN-OS VM-Series firewalls. NOTE: The AES-128-CCM encryption algorithm is not recommended for use.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0137 - Palo Alto Networks PAN-OS Authenticated Admin Impersonation

CVE ID : CVE-2025-0137
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-0138 - Palo Alto Networks Prisma Cloud Web Session Expiration Vulnerability

CVE ID : CVE-2025-0138
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access. Compute in Prisma Cloud Enterprise Edition is not affected by this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-2900 - IBM Semeru Runtime Denial of Service Buffer Overflow

CVE ID : CVE-2025-2900
Published : May 14, 2025, 7:15 p.m. | 1 hour, 38 minutes ago
Description : IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 19:15:00 GMT

read more

CVE-2025-30667 - Zoom Workplace Apps for Windows Denial of Service

CVE ID : CVE-2025-30667
Published : May 14, 2025, 6:15 p.m. | 2 hours, 39 minutes ago
Description : NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-30668 - Zoom Workplace Integer Underflow Denial of Service Vulnerability

CVE ID : CVE-2025-30668
Published : May 14, 2025, 6:15 p.m. | 2 hours, 39 minutes ago
Description : Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-46785 - Zoom Workplace Apps for Windows Buffer Over-Read Denial of Service

CVE ID : CVE-2025-46785
Published : May 14, 2025, 6:15 p.m. | 2 hours, 39 minutes ago
Description : Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-46786 - Zoom Workplace Apps XML External Entity (XXE) Injection Vulnerability

CVE ID : CVE-2025-46786
Published : May 14, 2025, 6:15 p.m. | 2 hours, 39 minutes ago
Description : Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-4637 - Davisking Dlib Divide By Zero Remote Denial of Service

CVE ID : CVE-2025-4637
Published : May 14, 2025, 6:15 p.m. | 2 hours, 38 minutes ago
Description : Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects dlib: before <19.24.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-4638 - PCL Zlib Inftrees Pointer Arithmetic Vulnerability

CVE ID : CVE-2025-4638
Published : May 14, 2025, 6:15 p.m. | 2 hours, 38 minutes ago
Description : A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary (PCL). This issue may allow context-dependent attackers to cause undefined behavior by exploiting improper pointer arithmetic. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-4639 - Peergos XML XXE Vulnerability

CVE ID : CVE-2025-4639
Published : May 14, 2025, 6:15 p.m. | 2 hours, 38 minutes ago
Description : CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method of WebDav servlet in Peergos. This issue affects Peergos through version 1.1.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-4664 - Google Chrome Cross-Origin Data Leaking Vulnerability

CVE ID : CVE-2025-4664
Published : May 14, 2025, 6:15 p.m. | 2 hours, 38 minutes ago
Description : Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-0130 - Palo Alto Networks PAN-OS Denial of Service (DoS)

CVE ID : CVE-2025-0130
Published : May 14, 2025, 6:15 p.m. | 38 minutes ago
Description : A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode. This issue does not affect Cloud NGFW or Prisma Access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-30663 - Zoom Workplace Apps TOCTOU Race Condition Privilege Escalation Vulnerability

CVE ID : CVE-2025-30663
Published : May 14, 2025, 6:15 p.m. | 38 minutes ago
Description : Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-30664 - Zoom Workplace App Path Traversal Vulnerability

CVE ID : CVE-2025-30664
Published : May 14, 2025, 6:15 p.m. | 38 minutes ago
Description : Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-30665 - Zoom Workplace Apps for Windows NULL Pointer Denial of Service

CVE ID : CVE-2025-30665
Published : May 14, 2025, 6:15 p.m. | 38 minutes ago
Description : NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-30666 - Zoom Workplace Apps for Windows NULL Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-30666
Published : May 14, 2025, 6:15 p.m. | 38 minutes ago
Description : NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 18:15:00 GMT

read more

CVE-2025-44184 - SourceCodester Best Employee Management System Cross Site Scripting

CVE ID : CVE-2025-44184
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-44186 - SourceCodester Best Employee Management System CSRF Vulnerability

CVE ID : CVE-2025-44186
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47701 - Drupal Restrict Route by IP CSRF

CVE ID : CVE-2025-47701
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Restrict route by IP allows Cross Site Request Forgery.This issue affects Restrict route by IP: from 0.0.0 before 1.3.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47702 - Drupal oEmbed Providers Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47702
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal oEmbed Providers allows Cross-Site Scripting (XSS).This issue affects oEmbed Providers: from 0.0.0 before 2.2.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47703 - Drupal COOKiES Consent Management Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47703
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.14.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47704 - Drupal Klaro Cookie Consent Management Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47704
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Klaro Cookie & Consent Management allows Cross-Site Scripting (XSS).This issue affects Klaro Cookie & Consent Management: from 0.0.0 before 3.0.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47705 - Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47705
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal IFrame Remove Filter allows Cross-Site Scripting (XSS).This issue affects IFrame Remove Filter: from 0.0.0 before 2.0.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47706 - Drupal Enterprise MFA - TFA Authentication Bypass by Capture-replay Vulnerability

CVE ID : CVE-2025-47706
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47707 - Drupal Enterprise MFA - TFA Authentication Bypass

CVE ID : CVE-2025-47707
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47708 - Drupal Enterprise MFA - TFA CSRF Vulnerability

CVE ID : CVE-2025-47708
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47709 - Drupal Enterprise MFA - TFA Missing Authorization Vulnerability

CVE ID : CVE-2025-47709
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-47710 - Drupal Enterprise MFA - TFA Authentication Bypass

CVE ID : CVE-2025-47710
Published : May 14, 2025, 5:15 p.m. | 1 hour, 38 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 17:15:00 GMT

read more

CVE-2025-24969 - iTop Information Disclosure

CVE ID : CVE-2025-24969
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : iTop is an web based IT Service Management tool. Prior to version 3.2.1, a portal user can see any other contacts picture by changing the picture ID in the URL. Version 3.2.1 contains a patch for the issue.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2025-47775 - GitHub Bullfrog DNS Exfiltration Vulnerability (Sandbox Bypass)

CVE ID : CVE-2025-47775
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2025-47777 - 5ire Stored XSS and RCE Vulnerability

CVE ID : CVE-2025-47777
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Versions prior to 0.11.1 are vulnerable to stored cross-site scripting in chatbot responses due to insufficient sanitization. This, in turn, can lead to Remote Code Execution (RCE) via unsafe Electron protocol handling and exposed Electron APIs. All users of 5ire client versions prior to patched releases, particularly those interacting with untrusted chatbots or pasting external content, are affected. Version 0.11.1 contains a patch for the issue.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2025-47778 - Sulu SVG XML External Entity Reference Vulnerability

CVE ID : CVE-2025-47778
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : Sulu is an open-source PHP content management system based on the Symfony framework. Starting in versions 2.5.21, 2.6.5, and 3.0.0-alpha1, an admin user can upload SVG which may load external data via XML DOM library. This can be used for insecure XML External Entity References. The problem has been patched in versions 2.6.9, 2.5.25, and 3.0.0-alpha3. As a workaround, one may patch the effect file `src/Sulu/Bundle/MediaBundle/FileInspector/SvgFileInspector.php` manually.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2025-47781 - Rallly Token Brute Force Vulnerability

CVE ID : CVE-2025-47781
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based authentication. When a user attempts to login to the application, they insert their email and a 6 digit code is sent to their email address to complete the authentication. A token that consists of 6 digits only presents weak entropy however and when coupled with no token brute force protection, makes it possible for an unauthenticated attacker with knowledge of a valid email address to successfully brute force the token within 15 minutes (token expiration time) and take over the account associated with the targeted email address. All users on the Rallly applications are impacted. As long as an attacker knows the user's email address they used to register on the app, they can systematically take over any user account. For the authentication mechanism to be safe, the token would need to be assigned a complex high entropy value that cannot be bruteforced within reasonable time, and ideally rate limiting the /api/auth/callback/email endpoint to further make brute force attempts unreasonable within the 15 minutes time. As of time of publication, no patched versions are available.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2025-47782 - MotionEye Command Injection Vulnerability

CVE ID : CVE-2025-47782
Published : May 14, 2025, 4:15 p.m. | 51 minutes ago
Description : motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, using a constructed (camera) device path with the `add`/`add_camera` motionEye web API allows an attacker with motionEye admin user credentials to execute any command within a non-interactive shell as motionEye run user, `motion` by default. The vulnerability has been patched with motionEye v0.43.1b4. As a workaround, apply the patch manually.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 16:15:00 GMT

read more

CVE-2024-10864 - OpenText Advance Authentication SQL Injection

CVE ID : CVE-2024-10864
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advance Authentication. This issue affects Advance Authentication versions before 6.5
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2024-10865 - OpenText Advance Authentication Cross-site Scripting Vulnerability

CVE ID : CVE-2024-10865
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advance Authentication. This issue affects Advance Authentication version before 6.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2024-52601 - iTop Unauthenticated Information Disclosure Vulnerability

CVE ID : CVE-2024-52601
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can have read access to objects they're not allowed to see by querying an unprotected route. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2024-56157 - iTop Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-56157
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. Prior to versions 3.1.3 and 3.2.1, by filling malicious code in a CSV content, a cross-site scripting attack can be performed when importing this content. The issue is fixed in versions 3.1.3 and 3.2.1. As a workaround, check CSV content before importing it.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2025-24021 - iTop Unauthenticated Object Field Modification Vulnerability

CVE ID : CVE-2025-24021
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can set value to object fields when they're not supposed to. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2025-24022 - iTop Server Code Execution Vulnerability

CVE ID : CVE-2025-24022
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2025-24026 - iTop Regular Expression Denial of Service (ReDoS) Vulnerability

CVE ID : CVE-2025-24026
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. Versions prior to 3.2.1 are vulnerable to regular expression denial of service (ReDoS) that may, under some circumstances, affect iTop server. Version 3.2.1 doesn't use the affected variable in the regular expression. As a workaround, if iTop app_root_url is defined in the configuration file, then there is no possible way to exploit this ReDoS.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2025-24785 - iTop PHP Error Remote Crash Vulnerability

CVE ID : CVE-2025-24785
Published : May 14, 2025, 3:15 p.m. | 1 hour, 51 minutes ago
Description : iTop is an web based IT Service Management tool. In version 3.2.0, an attacker may send a URL to the server to trigger a PHP error. The next user trying to load this dashboard would encounter a crashed start page. Version 3.2.1 fixes the issue by checking the provided layout_class before saving the dashboard.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 15:15:00 GMT

read more

CVE-2024-54779 - Netgate pfSense CE Cross Site Scripting Vulnerability

CVE ID : CVE-2024-54779
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross Site Scripting (XSS) in widgets/log.widget.php.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2024-54780 - Netgate pfSense CE OpenVPN Command Injection Vulnerability

CVE ID : CVE-2024-54780
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to the OpenVPN management interface. An authenticated attacker can exploit this vulnerability by injecting arbitrary OpenVPN management commands via the remipp parameter.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2024-57273 - Netgate pfSense CE Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-57273
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross-site scripting (XSS) in the Automatic Configuration Backup (ACB) service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized "reason" field and a derivable device key generated from the public SSH key.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2025-22756 - CVE-2022-47947: Apache HTTP Server Command Injection

CVE ID : CVE-2025-22756
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2025-3600 - Telerik UI for AJAX Unhandled Exception Denial of Service Vulnerability

CVE ID : CVE-2025-3600
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2025-47436 - Apache ORC Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47436
Published : May 14, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory corruption. This issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1. Users are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 14:15:00 GMT

read more

CVE-2023-53146 - "Linux Media DW2102 Null Pointer Dereference Vulnerability"

CVE ID : CVE-2023-53146
Published : May 14, 2025, 1:15 p.m. | 3 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() In dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach dw2102_i2c_transfer. If accessing msg[i].buf[0] without sanity check, null ptr deref would happen. We add check on msg[i].len to prevent crash. Similar commit: commit 950e252cb469 ("[media] dw2102: limit messages to buffer size")
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 13:15:00 GMT

read more

CVE-2025-3769 - LatePoint WordPress Calendar Booking Plugin Insecure Direct Object Reference Vulnerability

CVE ID : CVE-2025-3769
Published : May 14, 2025, 12:15 p.m. | 4 hours, 51 minutes ago
Description : The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.92 via the 'view_booking_summary_in_lightbox' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to retrieve appointment details such as customer names and email addresses.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 12:15:00 GMT

read more

CVE-2025-3931 - Yggdrasil DBus Unauthenticated Command Injection Vulnerability

CVE ID : CVE-2025-3931
Published : May 14, 2025, 12:15 p.m. | 4 hours, 51 minutes ago
Description : A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks, allowing every system user to call it. One available Yggdrasil worker acts as a package manager with capabilities to create and enable new repositories and install or remove packages. This flaw allows an attacker with access to the system to leverage the lack of authentication on the dispatch message to force the Yggdrasil worker to install arbitrary RPM packages. This issue results in local privilege escalation, enabling the attacker to access and modify sensitive system data.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 12:15:00 GMT

read more

CVE-2025-47445 - Eventin Path Traversal Vulnerability

CVE ID : CVE-2025-47445
Published : May 14, 2025, 12:15 p.m. | 4 hours, 51 minutes ago
Description : Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal.This issue affects Eventin: from n/a through 4.0.26.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 12:15:00 GMT

read more

CVE-2025-4430 - EZD RP File Manipulation Remote Code Execution

CVE ID : CVE-2025-4430
Published : May 14, 2025, 11:16 a.m. | 5 hours, 50 minutes ago
Description : Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This issue affects EZD RP in versions before 20.19 (published on 22nd August 2024).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2025-26795 - Apache IoTDB JDBC Driver Information Exposure and Log Injection Vulnerability

CVE ID : CVE-2025-26795
Published : May 14, 2025, 11:16 a.m. | 3 hours, 41 minutes ago
Description : Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2025-26864 - Apache IoTDB OpenIdAuthorizer Sensitive Information Exposure and Tampering

CVE ID : CVE-2025-26864
Published : May 14, 2025, 11:16 a.m. | 3 hours, 41 minutes ago
Description : Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2025-3833 - Zohocorp ManageEngine ADSelfService Plus SQL Injection Vulnerability

CVE ID : CVE-2025-3833
Published : May 14, 2025, 11:16 a.m. | 3 hours, 41 minutes ago
Description : Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2025-3834 - Zohocorp ManageEngine ADAudit Plus SQL Injection

CVE ID : CVE-2025-3834
Published : May 14, 2025, 11:16 a.m. | 3 hours, 41 minutes ago
Description : Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2025-47292 - Cap Collectif Remote Code Execution Vulnerability

CVE ID : CVE-2025-47292
Published : May 14, 2025, 11:16 a.m. | 3 hours, 41 minutes ago
Description : Cap Collectif is an online decision making platform that integrates several tools. Before commit 812f2a7d271b76deab1175bdaf2be0b8102dd198, the `DebateAlternateArgumentsResolver` deserializes a `Cursor`, allowing any classes and which can be controlled by unauthenticated user. Exploitation of this vulnerability can lead to Remote Code Execution. The vulnerability is fixed in commit 812f2a7d271b76deab1175bdaf2be0b8102dd198.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:16:00 GMT

read more

CVE-2024-24780 - Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

CVE ID : CVE-2024-24780
Published : May 14, 2025, 11:15 a.m. | 3 hours, 42 minutes ago
Description : Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes the issue.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 11:15:00 GMT

read more

CVE-2024-13940 - Ninja Forms Webhooks SSRF Vulnerability

CVE ID : CVE-2024-13940
Published : May 14, 2025, 9:15 a.m. | 5 hours, 42 minutes ago
Description : The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.7 via the form webhook functionality. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 09:15:00 GMT

read more

CVE-2024-8988 - PeepSo Core: File Uploads Plugin WordPress Insecure Direct Object Reference

CVE ID : CVE-2024-8988
Published : May 14, 2025, 9:15 a.m. | 5 hours, 42 minutes ago
Description : The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the file_download REST API endpoint due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to download files uploaded by others users and expose potentially sensitive information.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 09:15:00 GMT

read more

CVE-2025-2875 - Apache Controller Resource Disclosure Vulnerability

CVE ID : CVE-2025-2875
Published : May 14, 2025, 9:15 a.m. | 5 hours, 42 minutes ago
Description : CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 09:15:00 GMT

read more

CVE-2024-52290 - LF Edge eKuiper Cross-Site Scripting (XSS)

CVE ID : CVE-2024-52290
Published : May 14, 2025, 8:15 a.m. | 6 hours, 42 minutes ago
Description : LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name` (`confKey`) parameter. After this setup, when any user with access to this service (e.g. admin) tries to delete this key, a payload acts in the victim's browser. Version 2.1.0 fixes the issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 08:15:00 GMT

read more

CVE-2025-0020 - ArcGIS OAuth 2.0 API Authentication Privilege Abuse Vulnerability

CVE ID : CVE-2025-0020
Published : May 14, 2025, 8:15 a.m. | 6 hours, 42 minutes ago
Description : Violation of Secure Design Principles, Hidden Functionality, Incorrect Provision of Specified Functionality vulnerability in ArcGIS (Authentication) allows Privilege Abuse, Manipulating Hidden Fields, Configuration/Environment Manipulation. The ArcGIS client_credentials OAuth 2.0 API implementation does not adhere to the RFC/standards; This hidden (known and by-design, but undocumented) functionality enables a requestor (Referred to as client in RFC 6749) to request an, undocumented, custom token expiration from ArcGIS (Referred to as authorization server in RFC 6749).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 08:15:00 GMT

read more

Retour sur la participation de l’ANSSI à l’édition 2025 de Locked Shields

Retour sur la participation de l’ANSSI à l’édition 2025 de Locked Shields

anssiadm
Après deux semaines d’exercice, la France et la Pologne terminent à la seconde place de Locked Shield 2025 organisé par le CCDCOE entre le 28 avril et le 9 mai.

Mettre à l’épreuve les compétences des cybercombattants français

Le Centre d’excellence de cyberdéfense coopérative de l’OTAN (CCDCOE) a organisé la nouvelle édition de Locked Shields. Plus grand exercice de cyberdéfense international, il s’est déroulé en Estonie, 28 avril au 9 mai 2025. Cet événement a rassemblé 4 000 spécialistes en lutte offensive et cyberdéfense provenant de diverses organisations issues de 41 nations. La France s’est investie pleinement dans cet exercice avec la participation cette année encore des experts de l’ANSSI.

Locked Shields a mis à l’épreuve les compétences des participants et testé leurs capacités à répondre à un incident cyber de grande ampleur dans un environnement contrôlé et réaliste. Cet évènement est également une compétition entre les pays engagés qui permet aux experts en cybersécurité de se perfectionner dans la défense des systèmes d’information nationaux et des infrastructures critiques.

L’équipe franco-polonaise, une collaboration concluante pour renforcer les compétences et la coopération

Après deux semaines d’exercice, l’équipe franco-polonaise, composée notamment des cybercombattants français du COMCYBER (ministère des Armées) et des personnels de l’ANSSI, s’est hissée à la deuxième place du podium. Des étudiants de quatre écoles partenaires (à savoir l'EPITA, l'ENSIBS, l'École 2600 et l'ESGI) ont également joint leur force.

Déjà partenaire en 2022 à Paris les équipes de l’ANSSI, du COMCYBER ainsi que du Commandement Cyber polonais ont continué de tisser des liens étroits et de renforcer la coopération sur les volets stratégiques, tactiques et technico-opératifs, communicationnels et juridiques. Tant au niveau européen qu’international, Locked Shields 2025 a permis de renforcer la capacité de la France à travailler avec ses alliés.

L'équipe française pendant Locked Shields au Kremlin Bicêtre (Paris) © COMCYBER

Wed, 14 May 2025 08:02:00 GMT

read more

CVE-2025-47897 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-47897
Published : May 14, 2025, 4:16 a.m. | 10 hours, 41 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47898 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-47898
Published : May 14, 2025, 4:16 a.m. | 10 hours, 41 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47899 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47899
Published : May 14, 2025, 4:16 a.m. | 10 hours, 41 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47891 - Apache Struts Command Injection

CVE ID : CVE-2025-47891
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47892 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-47892
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47893 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-47893
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47894 - Apache HTTP Server CSRF

CVE ID : CVE-2025-47894
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47895 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-47895
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-47896 - VMware Remote Code Execution

CVE ID : CVE-2025-47896
Published : May 14, 2025, 4:16 a.m. | 10 hours, 10 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 04:16:00 GMT

read more

CVE-2025-4520 - Uncanny Automator WordPress Unauthorized Data Modification Vulnerability

CVE ID : CVE-2025-4520
Published : May 14, 2025, 3:15 a.m. | 9 hours, 51 minutes ago
Description : The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update plugin settings.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 03:15:00 GMT

read more

CVE-2025-3623 - WordPress Uncanny Automator PHP Object Injection Vulnerability

CVE ID : CVE-2025-3623
Published : May 14, 2025, 3:15 a.m. | 9 hours, 10 minutes ago
Description : The Uncanny Automator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.4.0.1 via deserialization of untrusted input in the automator_api_decode_message() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 14 May 2025 03:15:00 GMT

read more

CVE-2025-47905 - Varnish Cache HTTP/1 Chunk Boundary CRLF Injection

CVE ID : CVE-2025-47905
Published : May 13, 2025, 10:15 p.m. | 14 hours, 10 minutes ago
Description : Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 22:15:00 GMT

read more

CVE-2025-4574 - Crossbeam-channel Rust Crate Double-Free Error

CVE ID : CVE-2025-4574
Published : May 13, 2025, 10:15 p.m. | 14 hours, 10 minutes ago
Description : In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 22:15:00 GMT

read more

CVE-2025-26646 - Microsoft .NET Path Traversal Spoofing

CVE ID : CVE-2025-26646
Published : May 13, 2025, 10:15 p.m. | 12 hours, 38 minutes ago
Description : External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 22:15:00 GMT

read more

CVE-2025-43568 - Substance3D Use After Free Vulnerability

CVE ID : CVE-2025-43568
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43569 - Substance3D Stager Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-43569
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43570 - Substance3D Use After Free Vulnerability

CVE ID : CVE-2025-43570
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43571 - Substance3D Use After Free Vulnerability

CVE ID : CVE-2025-43571
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43572 - Dimension File Handler Arbitrary Code Execution

CVE ID : CVE-2025-43572
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-4668 - Apache HTTP Server Deserialization Vulnerability

CVE ID : CVE-2025-4668
Published : May 13, 2025, 9:16 p.m. | 13 hours, 37 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43565 - ColdFusion Incorrect Authorization Arbitrary Code Execution

CVE ID : CVE-2025-43565
Published : May 13, 2025, 9:16 p.m. | 11 hours, 37 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction and scope is changed.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43566 - ColdFusion versions 2025.1, 2023.13, 2021.19 and e

CVE ID : CVE-2025-43566
Published : May 13, 2025, 9:16 p.m. | 11 hours, 37 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A high-privileged attacker could leverage this vulnerability to bypass security protections and gain unauthorized read access. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43567 - Adobe Connect Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43567
Published : May 13, 2025, 9:16 p.m. | 11 hours, 37 minutes ago
Description : Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43563 - Adobe ColdFusion File System Read Improper Access Control

CVE ID : CVE-2025-43563
Published : May 13, 2025, 9:16 p.m. | 11 hours, 7 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43564 - Adobe ColdFusion File System Read Authorization Bypass

CVE ID : CVE-2025-43564
Published : May 13, 2025, 9:16 p.m. | 11 hours, 7 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43548 - Dimension Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-43548
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43549 - Substance3D Use After Free Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-43549
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43551 - Substance3D Stager Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43551
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43553 - Substance3D Modeler Uncontrolled Search Path Element Vulnerability

CVE ID : CVE-2025-43553
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : Substance3D - Modeler versions 1.21.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. If the application relies on a search path to locate critical resources such as libraries or executables, an attacker could manipulate the search path to load a malicious resource, potentially executing arbitrary code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43554 - Substance3D Modeler - Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-43554
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : Substance3D - Modeler versions 1.21.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43559 - ColdFusion Code Injection Vulnerability

CVE ID : CVE-2025-43559
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43560 - ColdFusion Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-43560
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43561 - ColdFusion Incorrect Authorization Code Execution Vulnerability

CVE ID : CVE-2025-43561
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass authentication mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-43562 - ColdFusion OS Command Injection

CVE ID : CVE-2025-43562
Published : May 13, 2025, 9:16 p.m. | 7 hours, 6 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-30315 - Adobe Connect Stored XSS Vulnerability

CVE ID : CVE-2025-30315
Published : May 13, 2025, 9:16 p.m. | 5 hours, 36 minutes ago
Description : Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-30316 - Adobe Connect Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-30316
Published : May 13, 2025, 9:16 p.m. | 5 hours, 36 minutes ago
Description : Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-24308 - Intel Server D50DNP/M50FCP UEFI Firmware Escalation of Privilege Vulnerability

CVE ID : CVE-2025-24308
Published : May 13, 2025, 9:16 p.m. | 1 hour, 3 minutes ago
Description : Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged user to potentially enable escalation of privilege via local access.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-24495 - Intel Core Ultra Processors Branch Prediction Unit Information Disclosure Vulnerability

CVE ID : CVE-2025-24495
Published : May 13, 2025, 9:16 p.m. | 1 hour, 3 minutes ago
Description : Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-30314 - Adobe Connect Stored XSS

CVE ID : CVE-2025-30314
Published : May 13, 2025, 9:16 p.m. | 1 hour, 3 minutes ago
Description : Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 21:16:00 GMT

read more

CVE-2025-45863 - TOTOLINK A3002R Buffer Overflow in formMapDelDevice

CVE ID : CVE-2025-45863
Published : May 13, 2025, 8:15 p.m. | 36 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 20:15:00 GMT

read more

CVE-2025-3744 - Nomad Sentinel Policy Bypass

CVE ID : CVE-2025-3744
Published : May 13, 2025, 7:15 p.m. | 1 hour, 36 minutes ago
Description : Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. This vulnerability, identified as CVE-2025-3744, is fixed in Nomad Enterprise 1.10.1, 1.9.9, and 1.8.13.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 19:15:00 GMT

read more

CVE-2025-45746 - ZKT ZKBio CVSecurity Hardcoded JWT Secret Authentication Bypass

CVE ID : CVE-2025-45746
Published : May 13, 2025, 7:15 p.m. | 1 hour, 36 minutes ago
Description : In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the hardcoded secret to authenticate to the service console.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 19:15:00 GMT

read more

CVE-2025-45861 - TOTOLINK A3002R Buffer Overflow Vulnerability

CVE ID : CVE-2025-45861
Published : May 13, 2025, 7:15 p.m. | 1 hour, 36 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 19:15:00 GMT

read more

CVE-2025-45865 - TOTOLINK A3002R DNS Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-45865
Published : May 13, 2025, 7:15 p.m. | 1 hour, 36 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the dnsaddr parameter in the formDhcpv6s interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 19:15:00 GMT

read more

CVE-2023-31358 - AMD Manageability API DLL Hijacking Privilege Escalation Vulnerability

CVE ID : CVE-2023-31358
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2023-31359 - AMD Manageability API Privilege Escalation Vulnerability

CVE ID : CVE-2023-31359
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-27197 - Adobe Lightroom Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-27197
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Lightroom Desktop versions 8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30322 - Substance3D Painter Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-30322
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30324 - Adobe Photoshop Integer Underflow Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-30324
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30325 - Adobe Photoshop Integer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-30325
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30326 - Adobe Photoshop Uninitialized Pointer Access Vulnerability

CVE ID : CVE-2025-30326
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30328 - Animate Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-30328
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30329 - Adobe Animate NULL Pointer Dereference Denial-of-Service

CVE ID : CVE-2025-30329
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-30330 - Adobe Illustrator Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-30330
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43545 - Adobe Bridge Uninitialized Pointer Remote Code Execution Vulnerability

CVE ID : CVE-2025-43545
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43546 - Oracle Bridge Integer Underflow Vulnerability

CVE ID : CVE-2025-43546
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43547 - Bridge File Integer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-43547
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43555 - Animate Integer Underflow Allows Arbitrary Code Execution

CVE ID : CVE-2025-43555
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43556 - Animate Integer Overflow or Wraparound Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2025-43556
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-43557 - Animate Access of Uninitialized Pointer Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-43557
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-4660 - "SecureConnector Windows Agent Named Pipe Remote Code Execution Vulnerability"

CVE ID : CVE-2025-4660
Published : May 13, 2025, 6:15 p.m. | 2 hours, 36 minutes ago
Description : A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.  This does not impact Linux or OSX Secure Connector.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 18:15:00 GMT

read more

CVE-2025-3757 - OpenPubkey Invalid JWS Signature Verification

CVE ID : CVE-2025-3757
Published : May 13, 2025, 5:16 p.m. | 3 hours, 35 minutes ago
Description : Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-47280 - Umbraco Forms Email Injection Vulnerability

CVE ID : CVE-2025-47280
Published : May 13, 2025, 5:16 p.m. | 3 hours, 35 minutes ago
Description : Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow configured vulnerable, as it allows sending the message from a trusted system and address, potentially bypassing spam and email client security systems. This issue affects all (supported) versions Umbraco Forms and is patched in 13.4.2 and 15.1.2. Unpatched or unsupported versions can workaround this issue by using the `Send email with template (Razor)` workflow instead or writing a custom workflow type. To avoid accidentally using the vulnerable workflow again, the `SendEmail` workflow type can be removed using a composer available in the GitHub Security Advisory for this vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-4658 - OpenPubkey/OPKSSH JWS Signature Verification Bypass

CVE ID : CVE-2025-4658
Published : May 13, 2025, 5:16 p.m. | 3 hours, 35 minutes ago
Description : Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32709 - "Windows Ancillary Function Driver for WinSock Use-After-Free Privilege Escalation Vulnerability"

CVE ID : CVE-2025-32709
Published : May 13, 2025, 5:16 p.m. | 3 hours, 3 minutes ago
Description : Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32704 - Microsoft Office Excel Buffer Over-read Remote Code Execution Vulnerability

CVE ID : CVE-2025-32704
Published : May 13, 2025, 5:16 p.m. | 1 hour, 41 minutes ago
Description : Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32705 - Microsoft Office Outlook Out-of-bounds Read Remote Code Execution Vulnerability

CVE ID : CVE-2025-32705
Published : May 13, 2025, 5:16 p.m. | 1 hour, 41 minutes ago
Description : Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32706 - Windows Common Log File System Driver Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-32706
Published : May 13, 2025, 5:16 p.m. | 1 hour, 41 minutes ago
Description : Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32707 - Windows NTFS Out-of-bounds Read Privilege Elevation

CVE ID : CVE-2025-32707
Published : May 13, 2025, 5:16 p.m. | 1 hour, 41 minutes ago
Description : Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30378 - Microsoft Office SharePoint Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-30378
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30379 - Microsoft Office Excel Invalid Pointer Reference Execution

CVE ID : CVE-2025-30379
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30381 - Microsoft Office Excel Out-of-Bounds Read Remote Code Execution

CVE ID : CVE-2025-30381
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30382 - Microsoft Office SharePoint RCE Deserialization Vulnerability

CVE ID : CVE-2025-30382
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30383 - Microsoft Office Excel Type Confusion Code Execution Vulnerability

CVE ID : CVE-2025-30383
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30384 - Microsoft Office SharePoint Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-30384
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30385 - Windows Common Log File System Driver Use-After-Free Privilege Escalation

CVE ID : CVE-2025-30385
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30386 - Microsoft Office Use After Free Code Execution Vulnerability

CVE ID : CVE-2025-30386
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30387 - Azure Web Application Privilege Escalation Path Traversal Vulnerability

CVE ID : CVE-2025-30387
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30388 - Windows Win32K GRFX Heap-based Buffer Overflow

CVE ID : CVE-2025-30388
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30393 - Microsoft Office Excel Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-30393
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30394 - Citrix Remote Desktop Gateway Service Denial of Service

CVE ID : CVE-2025-30394
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30397 - Microsoft Scripting Engine Type Confusion Remote Code Execution Vulnerability

CVE ID : CVE-2025-30397
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-30400 - Microsoft Windows DWM Use-After-Free Privilege Escalation Vulnerability

CVE ID : CVE-2025-30400
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32701 - Windows Common Log File System Driver Use-After-Free Privilege Escalation

CVE ID : CVE-2025-32701
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32702 - Visual Studio Command Injection Vulnerability

CVE ID : CVE-2025-32702
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2025-32703 - Visual Studio Information Disclosure Vulnerability

CVE ID : CVE-2025-32703
Published : May 13, 2025, 5:16 p.m. | 1 hour, 2 minutes ago
Description : Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 17:16:00 GMT

read more

CVE-2024-46506 - NetAlertX Unauthenticated Command Injection Vulnerability

CVE ID : CVE-2024-46506
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2024-48766 - NetAlertX HTTP File Disclosure

CVE ID : CVE-2024-48766
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2024-56526 - OXID eShop Smarty Template Injection Vulnerability

CVE ID : CVE-2024-56526
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-22462 - Ivanti Neurons for ITSM Authentication Bypass Vulnerability

CVE ID : CVE-2025-22462
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-28055 - GalWeb Arbitrary File Read Vulnerability

CVE ID : CVE-2025-28055
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerabilit
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-28056 - Apache Rebuild SQL Injection Vulnerability

CVE ID : CVE-2025-28056
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-30207 - "Kirby PHP Built-in Server Path Traversal Vulnerability"

CVE ID : CVE-2025-30207
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby setups that use PHP's built-in server. Such setups are commonly only used during local development. Sites that use other server software (such as Apache, nginx or Caddy) are not affected. A missing path traversal check allowed attackers to navigate all files on the server that were accessible to the PHP process, including files outside of the Kirby installation. The vulnerable implementation delegated all existing files to PHP, including existing files outside of the document root. This leads to a different response that allows attackers to determine whether the requested file exists. Because Kirby's router only delegates such requests to PHP and does not load or execute them, contents of the files were not exposed as PHP treats requests to files outside of the document root as invalid. The problem has been patched in Kirby 3.9.8.3, Kirby 3.10.1.2, and Kirby 4.7.1. In all of the mentioned releases, the maintainers of Kirby have updated the router to check if existing static files are within the document root. Requests to files outside the document root are treated as page requests of the error page and will no longer allow to determine whether the file exists or not.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-31493 - Kirby Path Traversal and Code Execution Vulnerability

CVE ID : CVE-2025-31493
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `collection()` helper or `$kirby->collection()` method with a dynamic collection name (such as a collection name that depends on request or user data). Sites that only use fixed calls to the `collection()` helper/`$kirby->collection()` method (i.e. calls with a simple string for the collection name) are *not* affected. A missing path traversal check allowed attackers to navigate and access all files on the server that were accessible to the PHP process, including files outside of the collections root or even outside of the Kirby installation. PHP code within such files was executed. Such attacks first require an attack vector in the site code that is caused by dynamic collection names, such as `collection('tags-' . get('tags'))`. It generally also requires knowledge of the site structure and the server's file system by the attacker, although it can be possible to find vulnerable setups through automated methods such as fuzzing. In a vulnerable setup, this could cause damage to the confidentiality and integrity of the server. The problem has been patched in Kirby 3.9.8.3, Kirby 3.10.1.2, and Kirby 4.7.1. In all of the mentioned releases, the maintainers of Kirby have added a check for the collection path that ensures that the resulting path is contained within the configured collections root. Collection paths that point outside of the collections root will not be loaded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-45857 - Edimax CV7428NS Remote Code Execution Vulnerability

CVE ID : CVE-2025-45857
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : EDIMAX CV7428NS v1.20 was discovered to contain a remote code execution (RCE) vulnerability via the command parameter in the mp function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-45858 - TOTOLINK A3002R Command Injection Vulnerability

CVE ID : CVE-2025-45858
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-46721 - Apache NOSurf CSRF Bypass Vulnerability

CVE ID : CVE-2025-46721
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site (either via XSS, or otherwise) to bypass CSRF checks and issue requests on user's behalf. Due to misuse of the Go `net/http` library, nosurf categorizes all incoming requests as plain-text HTTP requests, in which case the `Referer` header is not checked to have the same origin as the target webpage. If the attacker has control over HTML contents on either the target website (e.g. `example.com`), or on a website hosted on a subdomain of the target (e.g. `attacker.example.com`), they will also be able to manipulate cookies set for the target website. By acquiring the secret CSRF token from the cookie, or overriding the cookie with a new token known to the attacker, `attacker.example.com` is able to craft cross-site requests to `example.com`. A patch for the issue was released in nosurf 1.2.0. In lieu of upgrading to a patched version of nosurf, users may additionally use another HTTP middleware to ensure that a non-safe HTTP request is coming from the same origin (e.g. by requiring a `Sec-Fetch-Site: same-origin` header in the request).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-47204 - Bootstrap Multiselect PHP Post Data Echos Reflective Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47204
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : An issue was discovered in post.php in bootstrap-multiselect (aka Bootstrap Multiselect) 1.1.2. A PHP script in the source code echoes arbitrary POST data. If a developer adopts this structure wholesale in a live application, it could create a Reflective Cross-Site Scripting (XSS) vulnerability exploitable through Cross-Site Request Forgery (CSRF).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-47276 - Actualizer Weak Password Hashing Vulnerability

CVE ID : CVE-2025-47276
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : Actualizer is a single shell script solution to allow developers and embedded engineers to create Debian operating systems (OS). Prior to version 1.2.0, Actualizer uses OpenSSL's "-passwd" function, which uses SHA512 instead of a more suitable password hasher like Yescript/Argon2i. All Actualizer users building a full Debian Operating System are affected. Users should upgrade to version 1.2.0 of Actualizer. Existing OS deployment requires manual password changes against the alpha and root accounts. The change will deploy's Debian's yescript overriding the older SHA512 hash created by OpenSSL. As a workaround, users need to reset both `root` and "Alpha" users' passwords.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-47278 - Flask itsdangerous Incorrect Fallback Key Configuration Vulnerability

CVE ID : CVE-2025-47278
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the `itsdangerous` library. A list of keys can be passed, and it expects the last (top) key in the list to be the most recent key, and uses that for signing. Flask was incorrectly constructing that list in reverse, passing the signing key first. Sites that have opted-in to use key rotation by setting `SECRET_KEY_FALLBACKS` care likely to unexpectedly be signing their sessions with stale keys, and their transition to fresher keys will be impeded. Sessions are still signed, so this would not cause any sort of data integrity loss. Version 3.1.1 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-4427 - Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

CVE ID : CVE-2025-4427
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-4428 - Ivanti Endpoint Manager Mobile Remote Code Execution Vulnerability

CVE ID : CVE-2025-4428
Published : May 13, 2025, 4:15 p.m. | 35 minutes ago
Description : Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 16:15:00 GMT

read more

CVE-2025-28057 - Owl-Admin SQL Injection Vulnerability

CVE ID : CVE-2025-28057
Published : May 13, 2025, 3:15 p.m. | 1 hour, 35 minutes ago
Description : owl-admin v3.2.2~ to v4.10.2 is vulnerable to SQL Injection in /admin-api/system/admin_menus/save_order.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-30159 - Kirby Path Traversal and Code Execution Vulnerability

CVE ID : CVE-2025-30159
Published : May 13, 2025, 3:15 p.m. | 1 hour, 35 minutes ago
Description : Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as a snippet name that depends on request or user data). Sites that only use fixed calls to the `snippet()` helper/`$kirby->snippet()` method (i.e. calls with a simple string for the snippet name) are *not* affected. A missing path traversal check allowed attackers to navigate and access all files on the server that were accessible to the PHP process, including files outside of the snippets root or even outside of the Kirby installation. PHP code within such files was executed. Such attacks first require an attack vector in the site code that is caused by dynamic snippet names, such as `snippet('tags-' . get('tags'))`. It generally also requires knowledge of the site structure and the server's file system by the attacker, although it can be possible to find vulnerable setups through automated methods such as fuzzing. In a vulnerable setup, this could cause damage to the confidentiality and integrity of the server. The problem has been patched in Kirby 3.9.8.3, Kirby 3.10.1.2, and Kirby 4.7.1. In all of the mentioned releases, Kirby maintainers have added a check for the snippet path that ensures that the resulting path is contained within the configured snippets root. Snippet paths that point outside of the snippets root will not be loaded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-32756 - Fortinet FortiVoice Buffer Overflow Vulnerability

CVE ID : CVE-2025-32756
Published : May 13, 2025, 3:15 p.m. | 1 hour, 35 minutes ago
Description : A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-44039 - CP-XR-DE21-S 4G Router Firmware UART Console Authentication Bypass

CVE ID : CVE-2025-44039
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive information without any authentication.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-44831 - EngineerCMS SQL Injection Vulnerability

CVE ID : CVE-2025-44831
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-45859 - TOTOLINK A3002R Buffer Overflow

CVE ID : CVE-2025-45859
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the bandstr parameter in the formMapDelDevice interface.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-45864 - TOTOLINK A3002R Buffer Overflow Vulnerability

CVE ID : CVE-2025-45864
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolStart parameter in the formDhcpv6s interface.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-45866 - TOTOLINK A3002R Buffer Overflow

CVE ID : CVE-2025-45866
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the addrPoolEnd parameter in the formDhcpv6s interface.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-45867 - TOTOLINK A3002R Buffer Overflow

CVE ID : CVE-2025-45867
Published : May 13, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the static_dns1 parameter in the formIpv6Setup interface.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2024-12533 - Apache Phoenix SecureCore Technology Input Validation Bypass

CVE ID : CVE-2024-12533
Published : May 13, 2025, 3:15 p.m. | 1 hour, 2 minutes ago
Description : Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.This issue affects SecureCore Technology 4: from 4.0.1.0 before 4.0.1.1018, from 4.1.0.1 before 4.1.0.573, from 4.2.0.1 before 4.2.0.338, from 4.2.1.1 before 4.2.1.300, from 4.3.0.1 before 4.3.0.244, from 4.3.1.1 before 4.3.1.187, from 4.4.0.1 before 4.4.0.299, from 4.5.0.1 before 4.5.0.231, from 4.5.1.1 before 4.5.1.103, from 4.5.5.1 before 4.5.5.36, from 4.6.0.1 before 4.6.0.67.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2024-35281 - FortiClientMac and FortiVoiceUCDesktop Code Injection Vulnerability

CVE ID : CVE-2024-35281
Published : May 13, 2025, 3:15 p.m. | 1 hour, 2 minutes ago
Description : An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variables.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-22460 - Ivanti Cloud Services Privilege Escalation Vulnerability

CVE ID : CVE-2025-22460
Published : May 13, 2025, 3:15 p.m. | 1 hour, 2 minutes ago
Description : Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2025-22859 - FortiClientEMS Relative Path Traversal File Write Vulnerability

CVE ID : CVE-2025-22859
Published : May 13, 2025, 3:15 p.m. | 1 hour, 2 minutes ago
Description : A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 15:15:00 GMT

read more

CVE-2024-36340 - AMD uProf File Deletion/Disclosure Junction Point Vulnerability

CVE ID : CVE-2024-36340
Published : May 13, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file deletion or disclosure.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 14:15:00 GMT

read more

CVE-2024-42446 - APTIOV BIOS TOCTOU Race Condition Vulnerability

CVE ID : CVE-2024-42446
Published : May 13, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 14:15:00 GMT

read more

CVE-2025-4649 - Centreon Web Privilege Escalation Vulnerability

CVE ID : CVE-2025-4649
Published : May 13, 2025, 12:15 p.m. | 4 hours, 2 minutes ago
Description : Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation. ACL are not correctly taken into account in the display of the "event logs" page. This page requiring, high privileges, will display all available logs. This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 12:15:00 GMT

read more

CVE-2025-32917 - Checkmk Java Home Privilege Escalation

CVE ID : CVE-2025-32917
Published : May 13, 2025, 11:15 a.m. | 5 hours, 2 minutes ago
Description : Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allow user with write access to JAVA_HOME/bin directory to escalate privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 11:15:00 GMT

read more

CVE-2025-40580 - Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-40580
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40581 - Siemens SCALANCE LPE9403 Authentication Bypass Vulnerability

CVE ID : CVE-2025-40581
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices are vulnerable to an authentication bypass. This could allow a non-privileged local attacker to bypass the authentication of the SINEMA Remote Connect Edge Client, and to read and modify the configuration parameters.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40582 - Siemens SCALANCE LPE9403 Command Injection Vulnerability

CVE ID : CVE-2025-40582
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do not properly sanitize configuration parameters. This could allow a non-privileged local attacker to execute root commands on the device.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40583 - SCALANCE LPE9403 Cleartext Sensitive Information Transmission

CVE ID : CVE-2025-40583
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do transmit sensitive information in cleartext. This could allow a privileged local attacker to retrieve this sensitive information.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40628 - DomainsPRO SQL Injection

CVE ID : CVE-2025-40628
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the “d” parameter in the “/article.php” endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-4646 - Centreon Web Privilege Escalation Vulnerability

CVE ID : CVE-2025-4646
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : Improper Privilege Management vulnerability in Centreon web (API Token creation form modules) allows Privilege Escalation.This issue affects web: from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-4647 - Centreon Web Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4647
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can bypass sanitization measures by replacing the content of an existing SVG. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-4648 - Centreon Web Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4648
Published : May 13, 2025, 10:15 a.m. | 6 hours, 2 minutes ago
Description : Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-33025 - RUGGEDCOM ROX Command Injection Vulnerability

CVE ID : CVE-2025-33025
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5), RUGGEDCOM ROX RX1510 (All versions < V2.16.5), RUGGEDCOM ROX RX1511 (All versions < V2.16.5), RUGGEDCOM ROX RX1512 (All versions < V2.16.5), RUGGEDCOM ROX RX1524 (All versions < V2.16.5), RUGGEDCOM ROX RX1536 (All versions < V2.16.5), RUGGEDCOM ROX RX5000 (All versions < V2.16.5). The 'traceroute' tool in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40555 - APOGEE PXC+TALON TC Series BACnet Broadcast Storm Denial of Service Vulnerability

CVE ID : CVE-2025-40555
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet) (All versions). Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of BACnet network. A power cycle is required to restore the device's normal operation.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40556 - "BACnet ATEC Denial of Service Vulnerability"

CVE ID : CVE-2025-40556
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in BACnet ATEC 550-440 (All versions), BACnet ATEC 550-441 (All versions), BACnet ATEC 550-445 (All versions), BACnet ATEC 550-446 (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40566 - Siemens SIMATIC PCS neo Session Hijacking Vulnerability

CVE ID : CVE-2025-40566
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1). Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40571 - Mendix OIDC SSO Privilege Escalation

CVE ID : CVE-2025-40571
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.0.0), Mendix OIDC SSO (Mendix 9 compatible) (All versions). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.
Severity: 2.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40572 - Siemens SCALANCE LPE9403 Privilege Escalation

CVE ID : CVE-2025-40572
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to access sensitive information stored on the device.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40573 - SCALANCE LPE9403 Path Traversal Vulnerability

CVE ID : CVE-2025-40573
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40574 - "Siemens SCALANCE LPE9403 Privilege Escalation"

CVE ID : CVE-2025-40574
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources. This could allow a non-privileged local attacker to interact with the backupmanager service.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40575 - SCALANCE LPE9403 Remote Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-40575
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40576 - "SCALANCE LPE9403 Profinet Packet Validation Remote Crash Vulnerability"

CVE ID : CVE-2025-40576
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40577 - "SCALANCE LPE9403 Profinet Packet Validation Remote Code Execution Denial of Service"

CVE ID : CVE-2025-40577
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40578 - "SCALANCE LPE9403 Profinet Packet Flood Crash Vulnerability"

CVE ID : CVE-2025-40578
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-40579 - Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-40579
Published : May 13, 2025, 10:15 a.m. | 4 hours, 42 minutes ago
Description : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-32469 - RUGGEDCOM ROX Command Injection Vulnerability

CVE ID : CVE-2025-32469
Published : May 13, 2025, 10:15 a.m. | 2 hours, 34 minutes ago
Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5), RUGGEDCOM ROX RX1510 (All versions < V2.16.5), RUGGEDCOM ROX RX1511 (All versions < V2.16.5), RUGGEDCOM ROX RX1512 (All versions < V2.16.5), RUGGEDCOM ROX RX1524 (All versions < V2.16.5), RUGGEDCOM ROX RX1536 (All versions < V2.16.5), RUGGEDCOM ROX RX5000 (All versions < V2.16.5). The 'ping' tool in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-33024 - RUGGEDCOM ROX Command Injection Vulnerability

CVE ID : CVE-2025-33024
Published : May 13, 2025, 10:15 a.m. | 2 hours, 34 minutes ago
Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < V2.16.5), RUGGEDCOM ROX RX1500 (All versions < V2.16.5), RUGGEDCOM ROX RX1501 (All versions < V2.16.5), RUGGEDCOM ROX RX1510 (All versions < V2.16.5), RUGGEDCOM ROX RX1511 (All versions < V2.16.5), RUGGEDCOM ROX RX1512 (All versions < V2.16.5), RUGGEDCOM ROX RX1524 (All versions < V2.16.5), RUGGEDCOM ROX RX1536 (All versions < V2.16.5), RUGGEDCOM ROX RX5000 (All versions < V2.16.5). The 'tcpdump' tool in the web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-31930 - Schneider Electric Modbus Remote Control Vulnerability

CVE ID : CVE-2025-31930
Published : May 13, 2025, 10:15 a.m. | 34 minutes ago
Description : A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions < V2.135), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions < V2.135), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions < V2.135), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions < V2.135), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions < V2.135), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions < V2.135), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions < V2.135), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions < V2.135), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions < V2.135), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions < V2.135), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions < V2.135), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions < V2.135), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions < V2.135), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions < V2.135), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions < V2.135), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions < V2.135), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions < V2.135), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions < V2.135), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions < V2.135), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions < V2.135), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions < V2.135), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions < V2.135), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions < V2.135), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions < V2.135), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions < V2.135), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions < V2.135), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions < V2.135), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions < V2.135), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions < V2.135), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions < V2.135), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions < V2.135), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions < V2.135), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions < V2.135), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions < V2.135), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions < V2.135), VersiCharge Blue™ 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions < V2.135). Affected devices contain Modbus service enabled by default. This could allow an attacker connected to the same network to remotely control the EV charger.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-32454 - Siemens Teamcenter Visualization Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-32454
Published : May 13, 2025, 10:15 a.m. | 34 minutes ago
Description : A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.14), Teamcenter Visualization V2312 (All versions < V2312.0010), Teamcenter Visualization V2406 (All versions < V2406.0008), Teamcenter Visualization V2412 (All versions < V2412.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 10:15:00 GMT

read more

CVE-2025-27696 - Apache Superset Unauthorized Data Takeover Vulnerability

CVE ID : CVE-2025-27696
Published : May 13, 2025, 9:15 a.m. | 28 minutes ago
Description : Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions. This issue affects Apache Superset: through 4.1.1. Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 09:15:00 GMT

read more

CVE-2025-3916 - Adobe Photoshop Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-3916
Published : May 13, 2025, 9:15 a.m. | 28 minutes ago
Description : CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute arbitrary code while the end user opens a malicious project file (SSD file) provided by the attacker.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 09:15:00 GMT

read more

CVE-2025-41645 - D-Link Device Hijacking Vulnerability

CVE ID : CVE-2025-41645
Published : May 13, 2025, 9:15 a.m. | 28 minutes ago
Description : An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 09:15:00 GMT

read more

Lettres drsquo;information

Actualités, contenus et ressources thématiques pour vous sensibiliser aux risques numériques et aux bonnes pratiques associées, informations sur les cybermenaces… Retrouvez dans cette section les lettres d’informations de Cybermalveillance.gouv.fr.

Tue, 13 May 2025 09:00:00 GMT

read more

CVE-2025-3107 - "WordPress Newsletters SQL Injection Vulnerability"

CVE ID : CVE-2025-3107
Published : May 13, 2025, 7:15 a.m. | 2 hours, 28 minutes ago
Description : The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby' parameter in all versions up to, and including, 4.9.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 07:15:00 GMT

read more

CVE-2025-4317 - TheGem WordPress Theme Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-4317
Published : May 13, 2025, 7:15 a.m. | 2 hours, 28 minutes ago
Description : The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 07:15:00 GMT

read more

CVE-2025-4339 - WordPress TheGem Theme Unauthenticated Theme Option Update Vulnerability

CVE ID : CVE-2025-4339
Published : May 13, 2025, 7:15 a.m. | 2 hours, 28 minutes ago
Description : The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary theme options.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 07:15:00 GMT

read more

CVE-2025-4473 - WordPress Frontend Dashboard Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-4473
Published : May 13, 2025, 7:15 a.m. | 2 hours, 28 minutes ago
Description : The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 07:15:00 GMT

read more

CVE-2025-4474 - WordPress Frontend Dashboard Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-4474
Published : May 13, 2025, 7:15 a.m. | 2 hours, 28 minutes ago
Description : The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin’s 'register' role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 07:15:00 GMT

read more

CVE-2025-22246 - Cloud Foundry UAA Authentication Bypass

CVE ID : CVE-2025-22246
Published : May 13, 2025, 6:15 a.m. | 3 hours, 28 minutes ago
Description : Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.
Severity: 3.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 06:15:00 GMT

read more

CVE-2025-22249 - VMware Aria Automation DOM Based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-22249
Published : May 13, 2025, 6:15 a.m. | 3 hours, 28 minutes ago
Description : VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 06:15:00 GMT

read more

CVE-2025-4632 - Samsung MagicINFO 9 Server Path Traversal Write Arbitrary File Vulnerability

CVE ID : CVE-2025-4632
Published : May 13, 2025, 6:15 a.m. | 3 hours, 28 minutes ago
Description : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 06:15:00 GMT

read more

CVE-2025-47858 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-47858
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47859 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-47859
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47860 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47860
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47861 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-47861
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47862 - Apache HTTP Web Server Information Disclosure

CVE ID : CVE-2025-47862
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47863 - Google Chrome Denial of Service

CVE ID : CVE-2025-47863
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-47864 - Apache HTTP Server XML Entity Injection Vulnerability

CVE ID : CVE-2025-47864
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-4396 - Relevanssi WordPress SQL Injection

CVE ID : CVE-2025-4396
Published : May 13, 2025, 4:16 a.m. | 5 hours, 27 minutes ago
Description : The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 (Free) and <= 2.27.4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 04:16:00 GMT

read more

CVE-2025-35471 - Conda Forge OpenSSL-Feedstock Local Privilege Escalation

CVE ID : CVE-2025-35471
Published : May 13, 2025, 2:15 a.m. | 7 hours, 28 minutes ago
Description : conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 02:15:00 GMT

read more

CVE-2025-43007 - SAP Service Parts Management Privilege Escalation Vulnerability

CVE ID : CVE-2025-43007
Published : May 13, 2025, 1:15 a.m. | 8 hours, 28 minutes ago
Description : SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on confidentiality, integrity and availability of the application.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43008 - Microsoft SharePoint Information Disclosure Vulnerability

CVE ID : CVE-2025-43008
Published : May 13, 2025, 1:15 a.m. | 8 hours, 28 minutes ago
Description : Due to missing authorization check, an unauthorized user can view the files of other company. This might lead to disclosure of personal data of employees. There is no impact on integrity and availability.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43009 - SAP Service Parts Management Privilege Escalation Vulnerability

CVE ID : CVE-2025-43009
Published : May 13, 2025, 1:15 a.m. | 8 hours, 28 minutes ago
Description : SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on Confidentiality, integrity and availability of the application.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43010 - SAP S/4HANA Cloud Private Edition or on Premise ABAP Program Replacement Remote Code Execution Vulnerability

CVE ID : CVE-2025-43010
Published : May 13, 2025, 1:15 a.m. | 8 hours, 28 minutes ago
Description : SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs. This is due to lack of input validation and no authorization checks. This has low Confidentiality impact but high impact on integrity and availability to the application.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43011 - SAP Landscape Transformation Authorization Bypass Vulnerability

CVE ID : CVE-2025-43011
Published : May 13, 2025, 1:15 a.m. | 8 hours, 28 minutes ago
Description : Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restricted functionalities or data. This can lead to a high impact on confidentiality with no impact on the integrity or availability of the application.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43004 - Apache Cassandra Authentication Bypass Vulnerability

CVE ID : CVE-2025-43004
Published : May 13, 2025, 1:15 a.m. | 7 hours, 33 minutes ago
Description : Due to a security misconfiguration vulnerability, customers can develop Production Operator Dashboards (PODs) that enable outside users to access customer data when they access these dashboards. Since no mechanisms exist to enforce authentication, malicious unauthenticated users can view non-sensitive customer information. However, this does not affect data integrity or availability.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43005 - SAP GUI for Windows Insecure Credential Storage Vulnerability

CVE ID : CVE-2025-43005
Published : May 13, 2025, 1:15 a.m. | 7 hours, 33 minutes ago
Description : SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does not impact the Integrity or Availability of the application, it may have a Low impact on the Confidentiality of data.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43006 - SAP Supplier Relationship Management XSS Vulnerability

CVE ID : CVE-2025-43006
Published : May 13, 2025, 1:15 a.m. | 7 hours, 33 minutes ago
Description : SAP Supplier Relationship Management (Master Data Management Catalogue) allows an unauthenticated attacker to execute malicious scripts in the application, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This has no impact on the availability of the application, but it can have some minor impact on its confidentiality and integrity.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-42997 - SAP Gateway Client Information Disclosure

CVE ID : CVE-2025-42997
Published : May 13, 2025, 1:15 a.m. | 5 hours, 48 minutes ago
Description : Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influencing application behavior or performance through misuse of the exposed data, this may potentially lead to low impact on confidentiality, integrity, and availability.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-42999 - SAP NetWeaver Remote Code Execution

CVE ID : CVE-2025-42999
Published : May 13, 2025, 1:15 a.m. | 5 hours, 48 minutes ago
Description : SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43000 - Apache Struts Information Disclosure Vulnerability

CVE ID : CVE-2025-43000
Published : May 13, 2025, 1:15 a.m. | 5 hours, 48 minutes ago
Description : Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality with Low impact on Integrity and Availability of the application.
Severity: 7.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43002 - SAP S4CORE OData Information Disclosure

CVE ID : CVE-2025-43002
Published : May 13, 2025, 1:15 a.m. | 5 hours, 48 minutes ago
Description : SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-43003 - SAP S/4 HANA Configuration Privilege Escalation

CVE ID : CVE-2025-43003
Published : May 13, 2025, 1:15 a.m. | 5 hours, 48 minutes ago
Description : SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on confidentiality and minimal impact on integrity and availability of the application.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-30012 - SAP SRM Java Applet Deserialization Vulnerability

CVE ID : CVE-2025-30012
Published : May 13, 2025, 1:15 a.m. | 3 hours, 41 minutes ago
Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM stack to accept binary Java objects in specific encoding format. On successful exploitation, an authenticated attacker with high privileges could send malicious payload request and receive an outbound DNS request, resulting in deserialization of data in the application. This vulnerability has low impact on confidentiality, integrity and availability of the application.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-30018 - SAP SRM Information Disclosure

CVE ID : CVE-2025-30018
Published : May 13, 2025, 1:15 a.m. | 3 hours, 41 minutes ago
Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) allows an unauthenticated attacker to submit an application servlet request with a crafted XML file which when parsed, enables the attacker to access sensitive files and data. This vulnerability has a high impact on the application's confidentiality, with no effect on integrity and availability of the application.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-31329 - SAP NetWeaver Information Disclosure Injection Vulnerability

CVE ID : CVE-2025-31329
Published : May 13, 2025, 1:15 a.m. | 3 hours, 41 minutes ago
Description : SAP NetWeaver is vulnerable to an Information Disclosure vulnerability caused by the injection of malicious instructions into user configuration settings. An attacker with administrative privileges can craft these instructions so that when accessed by the victim, sensitive information such as user credentials is exposed. These credentials may then be used to gain unauthorized access to local or adjacent systems. This results in high impact to Confidentiality, with no significant effect on Integrity or Availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-26662 - Apache Data Services Management Console Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-26662
Published : May 13, 2025, 1:15 a.m. | 2 hours, 27 minutes ago
Description : The Data Services Management Console does not sufficiently encode user-controlled inputs, allowing an attacker to inject malicious script. When a targeted victim, who is already logged in, clicks on the compromised link, the injected script gets executed within the scope of victim�s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-30009 - SAP SRM Live Auction Cockpit Java Applet Remote Code Execution Vulnerability

CVE ID : CVE-2025-30009
Published : May 13, 2025, 1:15 a.m. | 2 hours, 27 minutes ago
Description : he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and integrity within the scope of that victim�s browser, with no effect on availability of the application
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-30010 - SAP SRM Java Applet Cross-Site Scripting (XSS)

CVE ID : CVE-2025-30010
Published : May 13, 2025, 1:15 a.m. | 2 hours, 27 minutes ago
Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successful exploitation, the attacker could cause low impact on confidentiality and integrity with no impact on the availability of the application.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2025-30011 - SAP SRM Java Applet Information Disclosure

CVE ID : CVE-2025-30011
Published : May 13, 2025, 1:15 a.m. | 2 hours, 27 minutes ago
Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected system. This vulnerability has low impact on confidentiality, with no effect on integrity and availability of the application.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 01:15:00 GMT

read more

CVE-2023-49641 - Oracle Billing Software SQL Injection Vulnerability

CVE ID : CVE-2023-49641
Published : May 13, 2025, 12:15 a.m. | 3 hours, 28 minutes ago
Description : Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginCheck.php resource does not validate the characters received and they are sent unfiltered to the database.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 13 May 2025 00:15:00 GMT

read more

Fuite de données chez Pulsy

nom, prénom, genre, date de naissance, commune de naissance, adresse postale, téléphone, email, données médicales, parcours de soin, date et lieux des hospitalisations

Tue May 13 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Dior

Tue May 13 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-46825 - Kanboard Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46825
Published : May 12, 2025, 11:15 p.m. | 4 hours, 28 minutes ago
Description : Kanboard is project management software that focuses on the Kanban methodology. Versions 1.2.26 through 1.2.44 have a Stored Cross-Site Scripting (XSS) Vulnerability in the `name` parameter of the `http://localhost/?controller=ProjectCreationController&action=create` form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. Note that the default content security policy (CSP) blocks the JavaScript attack, though it can be exploited if an instance is badly configured and the software is vulnerable to CSS injection because of the unsafe-inline on the default CSP. Version 1.2.45 contains a fix for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 23:15:00 GMT

read more

CVE-2025-31259 - Apple macOS Sequoia Privilege Escalation Vulnerability

CVE ID : CVE-2025-31259
Published : May 12, 2025, 10:15 p.m. | 5 hours, 28 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31260 - Apple macOS Sequoia Permission Escalation Vulnerability

CVE ID : CVE-2025-31260
Published : May 12, 2025, 10:15 p.m. | 5 hours, 28 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31233 - Apple Video File Processing Buffer Overflow

CVE ID : CVE-2025-31233
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31234 - Apple VisionOS iOS iPadOS macOS tvOS Kernel Corruption Vulnerability

CVE ID : CVE-2025-31234
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in visionOS 2.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31235 - "Apple iPadOS and macOS Double Free Vulnerability"

CVE ID : CVE-2025-31235
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31236 - Apple macOS Sequoia Information Disclosure Vulnerability

CVE ID : CVE-2025-31236
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31237 - Apple AFP Network Share System Termination Vulnerability

CVE ID : CVE-2025-31237
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. Mounting a maliciously crafted AFP network share may lead to system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31238 - Apple Safari Web Content Memory Corruption Vulnerability

CVE ID : CVE-2025-31238
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31239 - Apple File Parsing Use-after-free Vulnerability

CVE ID : CVE-2025-31239
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31240 - Apple AFP Network Share Remote Code Execution Vulnerability

CVE ID : CVE-2025-31240
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. Mounting a maliciously crafted AFP network share may lead to system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31241 - Apple iOS/WatchOS tvOS/PadOS Double Free Vulnerability

CVE ID : CVE-2025-31241
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A double free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31242 - Apple iPadOS and macOS Private Data Exposure Vulnerability

CVE ID : CVE-2025-31242
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31244 - Apple macOS Sandbox Escalation

CVE ID : CVE-2025-31244
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31245 - Apple macOS Denial of Service Vulnerability

CVE ID : CVE-2025-31245
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31246 - Apple macOS AFP Server Kernel Memory Corruption Vulnerability

CVE ID : CVE-2025-31246
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31247 - Apple macOS Unauthorized File System Access

CVE ID : CVE-2025-31247
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An attacker may gain access to protected parts of the file system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31249 - Apple macOS Sequoia Logic Flaw Allows Sensitive Data Exposure

CVE ID : CVE-2025-31249
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31250 - Apple macOS Sequoia Information Disclosure Vulnerability

CVE ID : CVE-2025-31250
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31251 - Apple Media File Processing Denial of Service

CVE ID : CVE-2025-31251
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31253 - Apple FaceTime Audio Muting Vulnerability

CVE ID : CVE-2025-31253
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31256 - Apple Notes Cache Exposure Vulnerability

CVE ID : CVE-2025-31256
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31257 - Apple Safari Web Content Processing Memory Corruption Vulnerability

CVE ID : CVE-2025-31257
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31258 - This issue was addressed by removing the vulnerabl

CVE ID : CVE-2025-31258
Published : May 12, 2025, 10:15 p.m. | 2 hours, 44 minutes ago
Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31232 - Apple macOS Sensitive Data Access Vulnerability

CVE ID : CVE-2025-31232
Published : May 12, 2025, 10:15 p.m. | 1 hour, 15 minutes ago
Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-31228 - Apple Notes Lock Screen Authentication Bypass Vulnerability

CVE ID : CVE-2025-31228
Published : May 12, 2025, 10:15 p.m. | 41 minutes ago
Description : The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access notes from the lock screen.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 22:15:00 GMT

read more

CVE-2025-1079 - Google Web Designer Unvalidated Symbolic Link Resolution Remote Code Execution Vulnerability

CVE ID : CVE-2025-1079
Published : May 12, 2025, 8:15 p.m. | 1 hour, 7 minutes ago
Description : Client RCE on macOS and Linux via improper symbolic link resolution in Google Web Designer's preview feature
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 20:15:00 GMT

read more

CVE-2024-4981 - Pagure Git Repository Symbolic Link Exfiltration

CVE ID : CVE-2024-4981
Published : May 12, 2025, 7:15 p.m. | 2 hours, 7 minutes ago
Description : A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 19:15:00 GMT

read more

CVE-2024-4982 - Pagure Git Directory Traversal Vulnerability

CVE ID : CVE-2024-4982
Published : May 12, 2025, 7:15 p.m. | 2 hours, 7 minutes ago
Description : A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 19:15:00 GMT

read more

CVE-2024-55466 - ThingsBoard Image Gallery Remote Code Execution

CVE ID : CVE-2024-55466
Published : May 12, 2025, 7:15 p.m. | 2 hours, 7 minutes ago
Description : An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 19:15:00 GMT

read more

CVE-2025-47682 - Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce SQL Injection

CVE ID : CVE-2025-47682
Published : May 12, 2025, 7:15 p.m. | 2 hours, 7 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.8.2.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 19:15:00 GMT

read more

CVE-2023-34732 - Flytxt NEON-dX Password Brute Force Vulnerability

CVE ID : CVE-2023-34732
Published : May 12, 2025, 6:15 p.m. | 3 hours, 7 minutes ago
Description : An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 18:15:00 GMT

read more

CVE-2025-44175 - "Tenda AC10 Buffer Overflow Vulnerability"

CVE ID : CVE-2025-44175
Published : May 12, 2025, 6:15 p.m. | 3 hours, 7 minutes ago
Description : Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 18:15:00 GMT

read more

CVE-2025-44176 - Tenda FH451 Unauthenticated Remote Code Execution Vulnerability

CVE ID : CVE-2025-44176
Published : May 12, 2025, 6:15 p.m. | 3 hours, 7 minutes ago
Description : Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 18:15:00 GMT

read more

CVE-2025-3632 - IBM 4769 Developers Toolkit Buffer Overflow Denial of Service

CVE ID : CVE-2025-3632
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module (HSM) due to improper memory allocation of an excessive size.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-45779 - Tenda AC10 Unauthenticated Buffer Overflow

CVE ID : CVE-2025-45779
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46739 - Adobe Acrobat Authentication Bypass

CVE ID : CVE-2025-46739
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An unauthenticated user could discover account credentials via a brute-force attack without rate limiting
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46740 - Adobe Acrobat Account Name Manipulation Vulnerability

CVE ID : CVE-2025-46740
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user without user administrative permissions could change the administrator Account Name.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46741 - Blueframe Session Fixation Vulnerability

CVE ID : CVE-2025-46741
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46742 - Oracle WebLogic Server Authentication Bypass

CVE ID : CVE-2025-46742
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : Users who were required to change their password could still access system information before changing their password
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46743 - Apache HTTP Server Session Token Reuse

CVE ID : CVE-2025-46743
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user's token could be used by another source after the user had logged out prior to the token expiring.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46744 - Apache Struts Username Manipulation

CVE ID : CVE-2025-46744
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated administrator could modify the Created By username for a user account
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46745 - Apache User Account Information Disclosure

CVE ID : CVE-2025-46745
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user without user-management permissions could view other users' account information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46746 - Citrix SharePoint Information Disclosure

CVE ID : CVE-2025-46746
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An administrator could discover another account's credentials.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46747 - Adobe Acrobat Information Disclosure Vulnerability

CVE ID : CVE-2025-46747
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user without user-management permissions could identify other user accounts.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46748 - Apache Password Change Vulnerability

CVE ID : CVE-2025-46748
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user attempting to change their password could do so without using the current password.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46749 - Apache Struts XSS

CVE ID : CVE-2025-46749
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46750 - SELogic BIOS Password Bypass Vulnerability

CVE ID : CVE-2025-46750
Published : May 12, 2025, 5:15 p.m. | 4 hours, 7 minutes ago
Description : SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 17:15:00 GMT

read more

CVE-2025-46737 - Cisco SEL Cross-Origin Resource Sharing (CORS) Vulnerability

CVE ID : CVE-2025-46737
Published : May 12, 2025, 4:15 p.m. | 5 hours, 7 minutes ago
Description : SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 16:15:00 GMT

read more

CVE-2025-46738 - Apache SEL arbitrary code execution vulnerability

CVE ID : CVE-2025-46738
Published : May 12, 2025, 4:15 p.m. | 5 hours, 7 minutes ago
Description : An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 16:15:00 GMT

read more

CVE-2025-47578 - Twitter Follow Button Cross-site Scripting Vulnerability

CVE ID : CVE-2025-47578
Published : May 12, 2025, 4:15 p.m. | 5 hours, 7 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edward Caissie BNS Twitter Follow Button allows DOM-Based XSS.This issue affects BNS Twitter Follow Button: from n/a through 0.3.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 16:15:00 GMT

read more

CVE-2025-44830 - EngineerCMS SQL Injection

CVE ID : CVE-2025-44830
Published : May 12, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 16:15:00 GMT

read more

CVE-2025-44022 - Vvveb CMS Remote Code Execution

CVE ID : CVE-2025-44022
Published : May 12, 2025, 4:15 p.m. | 2 hours, 31 minutes ago
Description : An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mechanism.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 16:15:00 GMT

read more

CVE-2025-46717 - "Sudo-rs Path Traversal Information Disclosure"

CVE ID : CVE-2025-46717
Published : May 12, 2025, 3:16 p.m. | 3 hours, 30 minutes ago
Description : sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list `. Users with local access to a machine can discover the existence/non-existence of certain files, revealing potentially sensitive information in the file names. This information can also be used in conjunction with other attacks. Version 0.2.6 fixes the vulnerability.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:16:00 GMT

read more

CVE-2025-46718 - "sudo-rs Sudo Privilege Listing Vulnerability"

CVE ID : CVE-2025-46718
Published : May 12, 2025, 3:16 p.m. | 3 hours, 30 minutes ago
Description : sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. Attackers can collect information that can be used to more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:16:00 GMT

read more

CVE-2025-47274 - ToolHive Inadvertent Secrets Storage Vulnerability

CVE ID : CVE-2025-47274
Published : May 12, 2025, 3:16 p.m. | 3 hours, 30 minutes ago
Description : ToolHive is a utility designed to simplify the deployment and management of Model Context Protocol (MCP) servers. Due to the ordering of code used to start an MCP server container, versions of ToolHive prior to 0.0.33 inadvertently store secrets in the run config files which are used to restart stopped containers. This means that an attacker who has access to the home folder of the user who starts the MCP server can read secrets without needing access to the secrets store itself. This only applies to secrets which were used in containers whose run configs exist at a point in time - other secrets remaining inaccessible. ToolHive 0.0.33 fixes the issue. Some workarounds are available. Stop and delete any running MCP servers, or manually remove any runconfigs from `$HOME/Library/Application Support/toolhive/runconfigs/` (macOS) or `$HOME/.state/toolhive/runconfigs/` (Linux).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:16:00 GMT

read more

CVE-2025-46610 - Artec EMA Mail CSRF Vulnerability

CVE ID : CVE-2025-46610
Published : May 12, 2025, 3:16 p.m. | 1 hour, 40 minutes ago
Description : ARTEC EMA Mail 6.92 allows CSRF.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:16:00 GMT

read more

CVE-2025-46611 - ARTEC EMA Mail Cross Site Scripting Vulnerability

CVE ID : CVE-2025-46611
Published : May 12, 2025, 3:16 p.m. | 1 hour, 40 minutes ago
Description : Cross Site Scripting vulnerability in ARTEC EMA Mail v6.92 allows an attacker to execute arbitrary code via a crafted script.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:16:00 GMT

read more

CVE-2024-56523 - Radware Cloud Web Application Firewall (WAF) HTTP Request Smuggling

CVE ID : CVE-2024-56523
Published : May 12, 2025, 3:15 p.m. | 1 hour, 40 minutes ago
Description : Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing random data in the HTTP request body when using the HTTP GET method.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:15:00 GMT

read more

CVE-2024-56524 - Radware Cloud Web Application Firewall (WAF) URL Filter Bypass Vulnerability

CVE ID : CVE-2024-56524
Published : May 12, 2025, 3:15 p.m. | 1 hour, 40 minutes ago
Description : Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by adding a special character to the request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:15:00 GMT

read more

CVE-2025-26841 - WPEverest Everest Forms Cross-Site Scripting (XSS)

CVE ID : CVE-2025-26841
Published : May 12, 2025, 3:15 p.m. | 1 hour, 40 minutes ago
Description : Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:15:00 GMT

read more

CVE-2025-26846 - Znuny Generic Interface Unauthenticated Remote Code Execution

CVE ID : CVE-2025-26846
Published : May 12, 2025, 3:15 p.m. | 1 hour, 40 minutes ago
Description : An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic Interface to update ticket metadata.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 15:15:00 GMT

read more

CVE-2025-45835 - Netis WF2880 Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-45835
Published : May 12, 2025, 2:15 p.m. | 2 hours, 41 minutes ago
Description : A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENT_LENGTH, causing the program to crash and potentially leading to a denial-of-service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 14:15:00 GMT

read more

CVE-2025-40626 - AbanteCart Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40626
Published : May 12, 2025, 12:15 p.m. | 4 hours, 41 minutes ago
Description : Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0, that could allow an attacker to execute JavaScript code in a victim's browser by sending the victim a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user, through "/about_us?[XSS_PAYLOAD]".
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 12:15:00 GMT

read more

CVE-2025-40627 - AbanteCart Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-40627
Published : May 12, 2025, 12:15 p.m. | 4 hours, 41 minutes ago
Description : Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0, that could allow an attacker to execute JavaScript code in a victim's browser by sending the victim a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user, through "/eyes? [XSS_PAYLOAD]".
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 12:15:00 GMT

read more

CVE-2025-22247 - VMware Tools Insecure File Handling Vulnerability

CVE ID : CVE-2025-22247
Published : May 12, 2025, 11:15 a.m. | 5 hours, 41 minutes ago
Description : VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 11:15:00 GMT

read more

CVE-2025-32390 - EspoCRM HTML Injection Vulnerability

CVE ID : CVE-2025-32390
Published : May 12, 2025, 11:15 a.m. | 5 hours, 41 minutes ago
Description : EspoCRM is a free, open-source customer relationship management platform. Prior to version 9.0.8, HTML Injection in Knowledge Base (KB) articles leads to complete page defacement imitating the login page. Authenticated users with the read knowledge article privilege can browse to the KB article and if they submit their credentials, they get captured in plain text. The vulnerability is allowed by overly permissive HTML editing being allowed on the KB articles. Any authenticated user with the privilege to read KB articles is impacted. In an enterprise with multiple applications, the malicious KB article could be edited to match the login pages of other applications, which would make it useful for credential harvesting against other applications as well. Version 9.0.8 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 11:15:00 GMT

read more

CVE-2025-46729 - Julmud/phpDVDProfiler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46729
Published : May 12, 2025, 11:15 a.m. | 5 hours, 41 minutes ago
Description : julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained with Invelos's DVDProfiler software. Starting in v_20230807 and prior to v_20250511, cross-site scripting in the search function. v_20250511 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 11:15:00 GMT

read more

CVE-2025-47270 - Nimiq Albatross Denial of Service Buffer Overflow

CVE ID : CVE-2025-47270
Published : May 12, 2025, 11:15 a.m. | 5 hours, 41 minutes ago
Description : nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The `nimiq-network-libp2p` subcrate of nimiq/core-rs-albatross is vulnerable to a Denial of Service (DoS) attack due to uncontrolled memory allocation. Specifically, the implementation of the `Discovery` network message handling allocates a buffer based on a length value provided by the peer, without enforcing an upper bound. Since this length is a `u32`, a peer can trigger allocations of up to 4 GB, potentially leading to memory exhaustion and node crashes. As Discovery messages are regularly exchanged for peer discovery, this vulnerability can be exploited repeatedly. The patch for this vulnerability is formally released as part of v1.1.0. The patch implements a limit to the discovery message size of 1 MB and also resizes the message buffer size incrementally as the data is read. No known workarounds are available.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 11:15:00 GMT

read more

CVE-2025-47271 - GitHub OZI Action Command Injection

CVE ID : CVE-2025-47271
Published : May 12, 2025, 11:15 a.m. | 5 hours, 41 minutes ago
Description : The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in a tagged release. In versions 1.13.2 through 1.13.5, potentially untrusted data flows into PR creation logic. A malicious actor could construct a branch name that injects arbitrary code. This is patched in 1.13.6. As a workaround, one may downgrade to a version prior to 1.13.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 11:15:00 GMT

read more

CVE-2025-1533 - ASUS Armoury Crate App Stack Buffer Overflow

CVE ID : CVE-2025-1533
Published : May 12, 2025, 10:15 a.m. | 6 hours, 41 minutes ago
Description : A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash (BSOD) or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 10:15:00 GMT

read more

CVE-2025-3496 - D-Link Bluetooth/RS-232 Buffer Overflow Vulnerability

CVE ID : CVE-2025-3496
Published : May 12, 2025, 8:15 a.m. | 8 hours, 41 minutes ago
Description : An unauthenticated remote attacker can cause a buffer overflow which could lead to unexpected behaviour or DoS via Bluetooth or RS-232 interface.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 08:15:00 GMT

read more

CVE-2025-41393 - Ricoh Web Image Monitor Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-41393
Published : May 12, 2025, 8:15 a.m. | 8 hours, 41 minutes ago
Description : Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor. If exploited, an arbitrary script may be executed on the web browser of the user who accessed Web Image Monitor. As for the details of affected product names and versions, refer to the information provided by the vendor under [References].
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 08:15:00 GMT

read more

CVE-2025-4560 - Netvision ISOinsight Missing Authentication Bypass Vulnerability

CVE ID : CVE-2025-4560
Published : May 12, 2025, 7:15 a.m. | 9 hours, 2 minutes ago
Description : The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access certain system functions. These functions include viewing the administrator list, viewing and editing IP settings, and uploading files.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 07:15:00 GMT

read more

CVE-2025-4561 - KingFor KFOX Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-4561
Published : May 12, 2025, 7:15 a.m. | 9 hours, 2 minutes ago
Description : The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 07:15:00 GMT

read more

CVE-2025-3597 - Firelight Lightbox WordPress Plugin Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3597
Published : May 12, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : The Firelight Lightbox WordPress plugin before 2.3.15 does not prevent users with post writing capabilities from executing arbitrary Javascript when the jQuery Metadata library is enabled. While this feature is meant to only be available to Pro version users, it can be activated in the free version too, making it theoretically exploitable there as well.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 06:15:00 GMT

read more

CVE-2025-3649 - LightPress Lightbox Stored XSS Vulnerability

CVE ID : CVE-2025-3649
Published : May 12, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : The LightPress Lightbox WordPress plugin before 2.3.4 does not check download links point to valid, non-Javascript URLs, allowing users with at least the contributor role to conduct Stored XSS attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 06:15:00 GMT

read more

CVE-2025-4559 - Netvision ISOinsight SQL Injection

CVE ID : CVE-2025-4559
Published : May 12, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : The ISOinsight from Netvision has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 06:15:00 GMT

read more

CVE-2025-4558 - WormHole Tech GPM Unauthenticated Password Change Vulnerability

CVE ID : CVE-2025-4558
Published : May 12, 2025, 4:15 a.m. | 10 hours, 41 minutes ago
Description : The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 04:15:00 GMT

read more

CVE-2025-4555 - Okcat Parking Management Platform ZONG YU Authentication Bypass Vulnerability

CVE ID : CVE-2025-4555
Published : May 12, 2025, 3:15 a.m. | 11 hours, 41 minutes ago
Description : The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access system functions. These functions include opening gates, viewing license plates and parking records, and restarting the system.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 03:15:00 GMT

read more

CVE-2025-4556 - Okcat Parking Management Platform ZONG YU Remote Code Execution (RCE)

CVE ID : CVE-2025-4556
Published : May 12, 2025, 3:15 a.m. | 11 hours, 41 minutes ago
Description : The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 03:15:00 GMT

read more

CVE-2025-4557 - ZONG YU Parking Management System Missing Authentication Vulnerability

CVE ID : CVE-2025-4557
Published : May 12, 2025, 3:15 a.m. | 11 hours, 41 minutes ago
Description : The specific APIs of Parking Management System from ZONG YU has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific APIs and operate system functions. These functions include opening gates and restarting the system.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 03:15:00 GMT

read more

CVE-2025-4553 - PHPGurukul Apartment Visitors Management System SQL Injection

CVE ID : CVE-2025-4553
Published : May 12, 2025, 1:15 a.m. | 13 hours, 40 minutes ago
Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 01:15:00 GMT

read more

CVE-2025-4554 - PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4554
Published : May 12, 2025, 1:15 a.m. | 13 hours, 40 minutes ago
Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-passreports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 01:15:00 GMT

read more

CVE-2025-4552 - ContiNew Admin Remote Unverified Password Change Vulnerability

CVE ID : CVE-2025-4552
Published : May 12, 2025, 12:15 a.m. | 14 hours, 41 minutes ago
Description : A vulnerability has been found in ContiNew Admin up to 3.6.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dev-api/system/user/1/password. The manipulation leads to unverified password change. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 12 May 2025 00:15:00 GMT

read more

CVE-2025-4550 - PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4550
Published : May 11, 2025, 11:15 p.m. | 15 hours, 41 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 23:15:00 GMT

read more

CVE-2025-4551 - ContiNew Admin Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4551
Published : May 11, 2025, 11:15 p.m. | 15 hours, 41 minutes ago
Description : A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0. Affected is an unknown function of the file /dev-api/common/file. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 23:15:00 GMT

read more

CVE-2025-4549 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4549
Published : May 11, 2025, 10:15 p.m. | 14 hours, 41 minutes ago
Description : A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/register-router.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 22:15:00 GMT

read more

CVE-2025-4548 - Campcodes Online Food Ordering System SQL Injection

CVE ID : CVE-2025-4548
Published : May 11, 2025, 10:15 p.m. | 13 hours, 52 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/router.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 22:15:00 GMT

read more

CVE-2025-4547 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4547
Published : May 11, 2025, 9:15 p.m. | 14 hours, 51 minutes ago
Description : A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 21:15:00 GMT

read more

CVE-2025-4545 - CTCMS File Handler Remote Path Traversal Vulnerability

CVE ID : CVE-2025-4545
Published : May 11, 2025, 8:15 p.m. | 14 hours, 41 minutes ago
Description : A vulnerability was found in CTCMS Content Management System 2.1.2. It has been classified as critical. Affected is the function del of the file ctcms\apps\controllers\admin\Tpl.php of the component File Handler. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 20:15:00 GMT

read more

CVE-2025-4546 - 1Panel-dev MaxKB CSV Injection Vulnerability

CVE ID : CVE-2025-4546
Published : May 11, 2025, 8:15 p.m. | 14 hours, 41 minutes ago
Description : A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Knowledge Base Module. The manipulation leads to csv injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.10.8 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 20:15:00 GMT

read more

CVE-2025-4544 - D-Link DI-8100 Jhttpd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4544
Published : May 11, 2025, 7:15 p.m. | 15 hours, 40 minutes ago
Description : A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 19:15:00 GMT

read more

CVE-2025-4542 - Freeebird Hotel Cross-Domain Policy Vulnerability

CVE ID : CVE-2025-4542
Published : May 11, 2025, 6:15 p.m. | 16 hours, 41 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Freeebird Hotel 酒店管理系统 API up to 1.2. Affected by this issue is some unknown functionality of the file /src/main/java/cn/mafangui/hotel/tool/SessionInterceptor.java. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 18:15:00 GMT

read more

CVE-2025-4543 - "LyLme Spage SQL Injection Vulnerability"

CVE ID : CVE-2025-4543
Published : May 11, 2025, 6:15 p.m. | 16 hours, 41 minutes ago
Description : A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylme_spage/blob/master/admin/ajax_link.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 18:15:00 GMT

read more

CVE-2025-4541 - LmxCMS SQL Injection Vulnerability

CVE ID : CVE-2025-4541
Published : May 11, 2025, 4:15 p.m. | 16 hours, 34 minutes ago
Description : A vulnerability classified as critical has been found in LmxCMS 1.41. Affected is the function manageZt of the file c\admin\ZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 16:15:00 GMT

read more

CVE-2025-4540 - MTSoftware C-Lodop Unquoted Search Path Vulnerability

CVE ID : CVE-2025-4540
Published : May 11, 2025, 4:15 p.m. | 14 hours, 40 minutes ago
Description : A vulnerability was found in MTSoftware C-Lodop 6.6.1.1. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 16:15:00 GMT

read more

CVE-2025-4538 - KKFileView Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4538
Published : May 11, 2025, 11:15 a.m. | 19 hours, 40 minutes ago
Description : A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 11:15:00 GMT

read more

CVE-2025-4539 - Hainan ToDesk DLL File Parser Uncontrolled Search Path Vulnerability

CVE ID : CVE-2025-4539
Published : May 11, 2025, 11:15 a.m. | 19 hours, 40 minutes ago
Description : A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 11:15:00 GMT

read more

CVE-2025-4537 - RuoYi-Vue Cleartext Storage of Sensitive Information in Cookie

CVE ID : CVE-2025-4537
Published : May 11, 2025, 10:15 a.m. | 20 hours, 41 minutes ago
Description : A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive information in a cookie. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 10:15:00 GMT

read more

CVE-2025-4536 - Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

CVE ID : CVE-2025-4536
Published : May 11, 2025, 9:15 a.m. | 19 hours, 45 minutes ago
Description : A vulnerability has been found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysmgr/user/listByPage. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 09:15:00 GMT

read more

CVE-2025-4534 - SunGrow Logger1000 Remote Weak Password Requirements Vulnerability

CVE ID : CVE-2025-4534
Published : May 11, 2025, 8:15 a.m. | 20 hours, 45 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A. This issue affects some unknown processing. The manipulation leads to weak password requirements. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 08:15:00 GMT

read more

CVE-2025-4535 - Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Configuration File Handler Information Disclosure

CVE ID : CVE-2025-4535
Published : May 11, 2025, 8:15 a.m. | 20 hours, 45 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 4.0. Affected is an unknown function of the file /config/config.properties of the component Configuration File Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 08:15:00 GMT

read more

CVE-2025-4533 - JeecgBoot Document Library Upload Remote Resource Consumption Vulnerability

CVE ID : CVE-2025-4533
Published : May 11, 2025, 7:15 a.m. | 20 hours, 30 minutes ago
Description : A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 07:15:00 GMT

read more

CVE-2025-4531 - Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

CVE ID : CVE-2025-4531
Published : May 11, 2025, 6:15 a.m. | 20 hours, 33 minutes ago
Description : A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 06:15:00 GMT

read more

CVE-2025-4532 - Shanghai Bairui Information Technology SunloginClient DLL Search Path Vulnerability (Uncontrolled Search Path)

CVE ID : CVE-2025-4532
Published : May 11, 2025, 6:15 a.m. | 20 hours, 33 minutes ago
Description : A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunlogin_guard.exe. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 06:15:00 GMT

read more

CVE-2025-4530 - Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

CVE ID : CVE-2025-4530
Published : May 11, 2025, 5:15 a.m. | 21 hours, 33 minutes ago
Description : A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 05:15:00 GMT

read more

CVE-2025-4529 - Seeyon Zhiyuan OA Web Application System Path Traversal Vulnerability

CVE ID : CVE-2025-4529
Published : May 11, 2025, 4:15 a.m. | 20 hours, 29 minutes ago
Description : A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been classified as problematic. Affected is the function Download of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\WEB-INF\lib\seeyon-apps-m3.jar!\com\seeyon\apps\m3\core\controller\M3CoreController.class of the component ZIP File Handler. The manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 04:15:00 GMT

read more

CVE-2025-4528 - Dígitro NGC Explorer Remote Session Expiration Vulnerability

CVE ID : CVE-2025-4528
Published : May 11, 2025, 3:15 a.m. | 21 hours, 28 minutes ago
Description : A vulnerability was found in Dígitro NGC Explorer up to 3.44.15 and classified as problematic. This issue affects some unknown processing. The manipulation leads to session expiration. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 03:15:00 GMT

read more

CVE-2025-47828 - Lumi H5P Nodejs Library HTML Injection Vulnerability

CVE ID : CVE-2025-47828
Published : May 11, 2025, 3:15 a.m. | 19 hours, 40 minutes ago
Description : Lumi H5P-Nodejs-library before 9.3.3 omits a sanitizeHtml call for plain text strings.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 03:15:00 GMT

read more

CVE-2025-4527 - Dígitro NGC Explorer Remote Code Execution Vulnerability

CVE ID : CVE-2025-4527
Published : May 11, 2025, 3:15 a.m. | 19 hours, 40 minutes ago
Description : A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to client-side enforcement of server-side security. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 03:15:00 GMT

read more

CVE-2025-4526 - Dígitro NGC Explorer Password Field Masking Vulnerability

CVE ID : CVE-2025-4526
Published : May 11, 2025, 1:15 a.m. | 21 hours, 40 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Dígitro NGC Explorer 3.44.15. This affects an unknown part of the component Configuration Page. The manipulation leads to missing password field masking. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 11 May 2025 01:15:00 GMT

read more

CVE-2025-4525 - Discord WINSTA.dll Uncontrolled Search Path Vulnerability

CVE ID : CVE-2025-4525
Published : May 10, 2025, 11:15 p.m. | 22 hours, 25 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows. Affected by this issue is some unknown functionality in the library WINSTA.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 23:15:00 GMT

read more

CVE-2025-47817 - BlueWave Checkmate Role Parameter Injection Vulnerability

CVE ID : CVE-2025-47817
Published : May 10, 2025, 10:15 p.m. | 23 hours, 26 minutes ago
Description : In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 22:15:00 GMT

read more

CVE-2025-47816 - GNU PSPP XML Processing Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-47816
Published : May 10, 2025, 10:15 p.m. | 22 hours, 40 minutes ago
Description : libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at the end of a document.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 22:15:00 GMT

read more

CVE-2025-47814 - GNU PSPP Zip-Reader Heap-Based Buffer Overflow

CVE ID : CVE-2025-47814
Published : May 10, 2025, 10:15 p.m. | 20 hours, 40 minutes ago
Description : libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 22:15:00 GMT

read more

CVE-2025-47815 - GNU PSPP Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47815
Published : May 10, 2025, 10:15 p.m. | 20 hours, 40 minutes ago
Description : libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 22:15:00 GMT

read more

CVE-2025-4515 - Zylon PrivateGPT Cross-Domain Policy Vulnerability

CVE ID : CVE-2025-4515
Published : May 10, 2025, 9:15 p.m. | 21 hours, 40 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument allow_origins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 21:15:00 GMT

read more

CVE-2025-4513 - Moodle Catalyst User Key Authentication Plugin Open Redirect Vulnerability

CVE ID : CVE-2025-4513
Published : May 10, 2025, 8:15 p.m. | 20 hours, 30 minutes ago
Description : A vulnerability classified as problematic was found in Catalyst User Key Authentication Plugin 20220819 on Moodle. Affected by this vulnerability is an unknown functionality of the file /auth/userkey/logout.php of the component Logout. The manipulation of the argument return leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 20:15:00 GMT

read more

CVE-2025-4514 - Zhengzhou Jiuhua Electronic Technology mayicms SQL Injection Vulnerability

CVE ID : CVE-2025-4514
Published : May 10, 2025, 8:15 p.m. | 20 hours, 30 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Zhengzhou Jiuhua Electronic Technology mayicms up to 5.8E. Affected by this issue is some unknown functionality of the file /javascript.php. The manipulation of the argument Value leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 20:15:00 GMT

read more

CVE-2025-4511 - Vector4Wang Spring-Boot-Quick Remote Path Traversal Vulnerability

CVE ID : CVE-2025-4511
Published : May 10, 2025, 7:15 p.m. | 20 hours, 25 minutes ago
Description : A vulnerability was found in vector4wang spring-boot-quick up to 20250422. It has been rated as critical. This issue affects the function ResponseEntity of the file /spring-boot-quick-master/quick-img2txt/src/main/java/com/quick/controller/Img2TxtController.java of the component quick-img2txt. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 19:15:00 GMT

read more

CVE-2025-4512 - Inetum IODAS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4512
Published : May 10, 2025, 7:15 p.m. | 20 hours, 25 minutes ago
Description : A vulnerability classified as problematic has been found in Inetum IODAS 7.2-LTS.4.1-JDK7/7.2-RC3.2-JDK7. Affected is an unknown function of the file /astre/iodasweb/app.jsp. The manipulation of the argument action leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 19:15:00 GMT

read more

CVE-2025-4509 - PHPGurukul e-Diary Management System SQL Injection

CVE ID : CVE-2025-4509
Published : May 10, 2025, 6:15 p.m. | 16 hours, 27 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul e-Diary Management System 1.0. This issue affects some unknown processing of the file /manage-notes.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 18:15:00 GMT

read more

CVE-2025-4510 - Changjietong UFIDA CRM SQL Injection

CVE ID : CVE-2025-4510
Published : May 10, 2025, 6:15 p.m. | 16 hours, 27 minutes ago
Description : A vulnerability was found in Changjietong UFIDA CRM 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /optnty/optntyday.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 18:15:00 GMT

read more

CVE-2025-4507 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4507
Published : May 10, 2025, 5:15 p.m. | 15 hours, 40 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /routers/add-item.php. The manipulation of the argument price leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 17:15:00 GMT

read more

CVE-2025-4508 - PHPGurukul e-Diary Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4508
Published : May 10, 2025, 5:15 p.m. | 15 hours, 40 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /my-profile.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 17:15:00 GMT

read more

CVE-2025-4505 - "PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-4505
Published : May 10, 2025, 4:15 p.m. | 15 hours, 25 minutes ago
Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /category.php. The manipulation of the argument categoryname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 16:15:00 GMT

read more

CVE-2025-4506 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4506
Published : May 10, 2025, 4:15 p.m. | 15 hours, 25 minutes ago
Description : A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/menu-router.php. The manipulation of the argument 1_price leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 16:15:00 GMT

read more

CVE-2023-53145 - Qualcomm Bluetooth BTSdio Use After Free Buffer Overflow

CVE ID : CVE-2023-53145
Published : May 10, 2025, 3:15 p.m. | 15 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs with a unfinished work, there may be a race condition that hdev is freed but used in btsdio_work. Fix it by canceling the work before do cleanup in btsdio_remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 15:15:00 GMT

read more

CVE-2025-4504 - SourceCodester Online College Library System SQL Injection Vulnerability

CVE ID : CVE-2025-4504
Published : May 10, 2025, 3:15 p.m. | 15 hours, 6 minutes ago
Description : A vulnerability was found in SourceCodester Online College Library System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 15:15:00 GMT

read more

CVE-2025-4503 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-4503
Published : May 10, 2025, 2:15 p.m. | 16 hours, 7 minutes ago
Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/customer_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 14:15:00 GMT

read more

CVE-2025-4502 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-4502
Published : May 10, 2025, 2:15 p.m. | 14 hours, 40 minutes ago
Description : A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/creditor_add.php. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 14:15:00 GMT

read more

CVE-2025-1752 - Llama Index Denial of Service Vulnerability

CVE ID : CVE-2025-1752
Published : May 10, 2025, 2:15 p.m. | 13 hours, 56 minutes ago
Description : A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest(v0.12.15). The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the max_depth parameter in the get_article_urls function. This allows an attacker to exhaust Python's recursion limit through repeated function calls, leading to resource consumption and ultimately crashing the Python process.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 14:15:00 GMT

read more

CVE-2025-4500 - Code-projects Hotel Management System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4500
Published : May 10, 2025, 1:15 p.m. | 13 hours, 39 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 13:15:00 GMT

read more

CVE-2025-4501 - Apache Code-Projects Album Management System Stack Buffer Overflow

CVE ID : CVE-2025-4501
Published : May 10, 2025, 1:15 p.m. | 13 hours, 39 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 13:15:00 GMT

read more

CVE-2025-4499 - Simple Hospital Management System Buffer Overflow

CVE ID : CVE-2025-4499
Published : May 10, 2025, 12:15 p.m. | 14 hours, 40 minutes ago
Description : A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 12:15:00 GMT

read more

CVE-2025-3878 - WooCommerce Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3878
Published : May 10, 2025, 12:15 p.m. | 12 hours, 40 minutes ago
Description : The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_verify shortcode in all versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 12:15:00 GMT

read more

CVE-2025-3876 - WooCommerce WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-3876
Published : May 10, 2025, 12:15 p.m. | 9 hours, 56 minutes ago
Description : The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to impersonate any account by supplying its username or email and elevate their privileges to that of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 12:15:00 GMT

read more

CVE-2025-2158 - WordPress Review Plugin Local File Inclusion Vulnerability

CVE ID : CVE-2025-2158
Published : May 10, 2025, 10:15 a.m. | 11 hours, 56 minutes ago
Description : The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included, or pearcmd is enabled on a server with register_argc_argv also enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 10:15:00 GMT

read more

CVE-2025-4498 - Simple Bus Reservation System Buffer Overflow Vulnerability

CVE ID : CVE-2025-4498
Published : May 10, 2025, 10:15 a.m. | 11 hours, 56 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 10:15:00 GMT

read more

CVE-2025-4497 - Apache Code-Projects Simple Banking System Buffer Overflow Vulnerability

CVE ID : CVE-2025-4497
Published : May 10, 2025, 7:15 a.m. | 14 hours, 55 minutes ago
Description : A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign In. The manipulation of the argument password2 leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 07:15:00 GMT

read more

CVE-2025-2944 - Elementor Jeg Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-2944
Published : May 10, 2025, 6:15 a.m. | 15 hours, 55 minutes ago
Description : The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 06:15:00 GMT

read more

CVE-2025-4496 - TOTOLINK CloudACMunualUpdate Buffer Overflow Vulnerability

CVE ID : CVE-2025-4496
Published : May 10, 2025, 5:15 a.m. | 15 hours, 19 minutes ago
Description : A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 05:15:00 GMT

read more

CVE-2025-47769 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-47769
Published : May 10, 2025, 3:15 a.m. | 16 hours, 53 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47770 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-47770
Published : May 10, 2025, 3:15 a.m. | 16 hours, 53 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47767 - Adobe Flash Unvalidated User Input

CVE ID : CVE-2025-47767
Published : May 10, 2025, 3:15 a.m. | 15 hours, 25 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47768 - Cisco ASA SSL/TLS Certificate Pinning Bypass

CVE ID : CVE-2025-47768
Published : May 10, 2025, 3:15 a.m. | 15 hours, 25 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47765 - Apache Struts Command Injection

CVE ID : CVE-2025-47765
Published : May 10, 2025, 3:15 a.m. | 14 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47766 - Apache Apache HTTP Server Unvalidated Redirect

CVE ID : CVE-2025-47766
Published : May 10, 2025, 3:15 a.m. | 14 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-1137 - IBM Storage Scale Command Injection Vulnerability

CVE ID : CVE-2025-1137
Published : May 10, 2025, 3:15 a.m. | 12 hours, 52 minutes ago
Description : IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47762 - Apple iOS Unvalidated Redirect

CVE ID : CVE-2025-47762
Published : May 10, 2025, 3:15 a.m. | 12 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47763 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47763
Published : May 10, 2025, 3:15 a.m. | 12 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-47764 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47764
Published : May 10, 2025, 3:15 a.m. | 12 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 03:15:00 GMT

read more

CVE-2025-4495 - JAdmin-JAVA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4495
Published : May 10, 2025, 1:15 a.m. | 13 hours, 23 minutes ago
Description : A vulnerability has been found in JAdmin-JAVA JAdmin 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /memoAjax/save. The manipulation of the argument ID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 10 May 2025 01:15:00 GMT

read more

CVE-2025-47424 - Retool Host Header Injection Vulnerability

CVE ID : CVE-2025-47424
Published : May 9, 2025, 11:15 p.m. | 15 hours, 23 minutes ago
Description : Retool (self-hosted) before 3.196.0 allows Host header injection. When the BASE_DOMAIN environment variable is not set, the HTTP host header can be manipulated.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 23:15:00 GMT

read more

CVE-2025-3794 - WordPress WPForms Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3794
Published : May 9, 2025, 11:15 p.m. | 14 hours, 51 minutes ago
Description : The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the start_timestamp parameter in all versions up to, and including, 1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 23:15:00 GMT

read more

CVE-2025-4492 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4492
Published : May 9, 2025, 10:15 p.m. | 15 hours, 52 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Food Ordering System 1.0. This issue affects some unknown processing of the file /routers/ticket-message.php. The manipulation of the argument ticket_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 22:15:00 GMT

read more

CVE-2025-4494 - JAdmin-JAVA Remote Authentication Bypass

CVE ID : CVE-2025-4494
Published : May 9, 2025, 10:15 p.m. | 15 hours, 52 minutes ago
Description : A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 22:15:00 GMT

read more

CVE-2025-4490 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4490
Published : May 9, 2025, 9:15 p.m. | 15 hours, 39 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /view-ticket-admin.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 21:15:00 GMT

read more

CVE-2025-4491 - Campcodes Online Food Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-4491
Published : May 9, 2025, 9:15 p.m. | 15 hours, 39 minutes ago
Description : A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 21:15:00 GMT

read more

CVE-2025-47269 - Code-server Proxy Pathway Token Exfiltration

CVE ID : CVE-2025-47269
Published : May 9, 2025, 9:15 p.m. | 14 hours, 23 minutes ago
Description : code-server runs VS Code on any machine anywhere through browser access. Prior to version 4.99.4, a maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the session token. Failure to properly validate the port for a proxy request can result in proxying to an arbitrary domain. The malicious URL `https:///proxy/test@evil.com/path` would be proxied to `test@evil.com/path` where the attacker could exfiltrate a user's session token. Any user who runs code-server with the built-in proxy enabled and clicks on maliciously crafted links that go to their code-server instances with reference to /proxy. Normally this is used to proxy local ports, however the URL can reference the attacker's domain instead, and the connection is then proxied to that domain, which will include sending cookies. With access to the session cookie, the attacker can then log into code-server and have full access to the machine hosting code-server as the user running code-server. This issue has been patched in version 4.99.4.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 21:15:00 GMT

read more

CVE-2025-4447 - Eclipse OpenJ9 OpenJDK Stack Buffer Overflow

CVE ID : CVE-2025-4447
Published : May 9, 2025, 9:15 p.m. | 14 hours, 23 minutes ago
Description : In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 21:15:00 GMT

read more

CVE-2025-4489 - Campcodes Online Food Ordering System SQL Injection

CVE ID : CVE-2025-4489
Published : May 9, 2025, 9:15 p.m. | 14 hours, 23 minutes ago
Description : A vulnerability was found in Campcodes Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /routers/user-router.php. The manipulation of the argument t1_verified leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 21:15:00 GMT

read more

CVE-2025-4487 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4487
Published : May 9, 2025, 8:15 p.m. | 13 hours, 40 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 20:15:00 GMT

read more

CVE-2025-4488 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4488
Published : May 9, 2025, 8:15 p.m. | 13 hours, 40 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_package. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 20:15:00 GMT

read more

CVE-2025-4486 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4486
Published : May 9, 2025, 8:15 p.m. | 10 hours, 39 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_plan. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 20:15:00 GMT

read more

CVE-2025-4485 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4485
Published : May 9, 2025, 7:16 p.m. | 10 hours, 35 minutes ago
Description : A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=delete_trainer. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 19:16:00 GMT

read more

CVE-2025-4484 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4484
Published : May 9, 2025, 7:16 p.m. | 9 hours, 39 minutes ago
Description : A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_user. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 19:16:00 GMT

read more

CVE-2025-1993 - IBM App Connect Enterprise Certified Container Cryptographic Weakness

CVE ID : CVE-2025-1993
Published : May 9, 2025, 6:16 p.m. | 7 hours, 48 minutes ago
Description : IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 18:16:00 GMT

read more

CVE-2025-4482 - Project Worlds Student Project Allocation System SQL Injection Vulnerability

CVE ID : CVE-2025-4482
Published : May 9, 2025, 6:16 p.m. | 7 hours, 48 minutes ago
Description : A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 18:16:00 GMT

read more

CVE-2025-4483 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4483
Published : May 9, 2025, 6:16 p.m. | 7 hours, 48 minutes ago
Description : A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_pdetails.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 18:16:00 GMT

read more

CVE-2025-1278 - GitLab IP Access Bypass Vulnerability

CVE ID : CVE-2025-1278
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-29509 - Jan Electron RCE

CVE ID : CVE-2025-29509
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a rendered link in the conversation, due to opening external website in the app and the exposure of electronAPI, with a lack of filtering of URL when calling shell.openExternal().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-46190 - SourceCodester Client Database Management System SQL Injection

CVE ID : CVE-2025-46190
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-46191 - SourceCodester Client Database Management System Remote Code Execution Vulnerability

CVE ID : CVE-2025-46191
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploaded_file_cancelled field. Due to the absence of proper file extension checks, MIME type validation, and authentication, attackers can upload executable PHP files to a web-accessible directory (/files/). This allows them to execute arbitrary commands remotely by accessing the uploaded script, resulting in full Remote Code Execution (RCE) without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-46192 - SourceCodester Client Database Management System SQL Injection

CVE ID : CVE-2025-46192
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-4480 - Apache Code-Projects Simple College Management System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4480
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-4481 - SourceCodester Apartment Visitor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4481
Published : May 9, 2025, 5:15 p.m. | 8 hours, 48 minutes ago
Description : A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-0549 - GitLab OAuth Bypass Vulnerability

CVE ID : CVE-2025-0549
Published : May 9, 2025, 5:15 p.m. | 7 hours, 39 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, enabling authorization form submission through minimal user interaction.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2024-8973 - GitLab GitHub Import Denial of Service

CVE ID : CVE-2024-8973
Published : May 9, 2025, 5:15 p.m. | 5 hours, 39 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 17:15:00 GMT

read more

CVE-2025-4432 - Rust Ring QUIC Panic Vulnerability

CVE ID : CVE-2025-4432
Published : May 9, 2025, 4:15 p.m. | 6 hours, 39 minutes ago
Description : A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-46189 - SourceCodester Client Database Management System SQL Injection Vulnerability

CVE ID : CVE-2025-46189
Published : May 9, 2025, 4:15 p.m. | 5 hours, 48 minutes ago
Description : SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-46193 - SourceCodester Client Database Management System Remote Code Execution Vulnerability

CVE ID : CVE-2025-46193
Published : May 9, 2025, 4:15 p.m. | 5 hours, 48 minutes ago
Description : SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in user_proposal_update_order.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-28201 - Victure RX1800 Root RCE

CVE ID : CVE-2025-28201
Published : May 9, 2025, 4:15 p.m. | 4 hours, 39 minutes ago
Description : An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute arbitrary code or gain root access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-28202 - Victure RX1800 SSH/Telnet Authentication Bypass Vulnerability

CVE ID : CVE-2025-28202
Published : May 9, 2025, 4:15 p.m. | 4 hours, 39 minutes ago
Description : Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH and Telnet services without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-28203 - Victure RX1800 Command Injection Vulnerability

CVE ID : CVE-2025-28203
Published : May 9, 2025, 4:15 p.m. | 4 hours, 39 minutes ago
Description : Victure RX1800 EN_V1.0.0_r12_110933 was discovered to contain a command injection vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-45513 - Tenda FH451 Stack Overflow Vulnerability

CVE ID : CVE-2025-45513
Published : May 9, 2025, 4:15 p.m. | 4 hours, 39 minutes ago
Description : Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-46188 - SourceCodester Client Database Management System SQL Injection

CVE ID : CVE-2025-46188
Published : May 9, 2025, 4:15 p.m. | 4 hours, 39 minutes ago
Description : SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13962 - Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

CVE ID : CVE-2024-13962
Published : May 9, 2025, 4:15 p.m. | 3 hours, 47 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Gen Digital Inc. Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-9524 - Avira Prime Link Following Local Privilege Escalation Vulnerability

CVE ID : CVE-2024-9524
Published : May 9, 2025, 4:15 p.m. | 3 hours, 47 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in System Speedup Service in Avira Operations GmbH Avira Prime Version 1.1.96.2 on Windows 10 x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-28200 - Victure RX1800 Default Password Weakness

CVE ID : CVE-2025-28200
Published : May 9, 2025, 4:15 p.m. | 3 hours, 47 minutes ago
Description : Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13960 - AVG TuneUp Link Following Local Privilege Escalation

CVE ID : CVE-2024-13960
Published : May 9, 2025, 4:15 p.m. | 2 hours, 25 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version 23.4 (build 15592) on Windows 10 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13961 - Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation

CVE ID : CVE-2024-13961
Published : May 9, 2025, 4:15 p.m. | 2 hours, 25 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13759 - Avira Prime Local Privilege Escalation

CVE ID : CVE-2024-13759
Published : May 9, 2025, 4:15 p.m. | 1 hour, 47 minutes ago
Description : Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64  allows local attackers to gain system-level privileges via arbitrary file deletion
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13944 - Norton Utilities Ultimate Link Following Local Privilege Escalation Vulnerability

CVE ID : CVE-2024-13944
Published : May 9, 2025, 4:15 p.m. | 1 hour, 47 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities Ultimate Version 24.2.16862.6344 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via the creation of a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2024-13959 - AVG TuneUp Link Following Local Privilege Escalation Vulnerability

CVE ID : CVE-2024-13959
Published : May 9, 2025, 4:15 p.m. | 1 hour, 47 minutes ago
Description : Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593.9844 on Windows allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging the service to delete a directory
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 16:15:00 GMT

read more

CVE-2025-45887 - Yifang CMS SSRF Vulnerability

CVE ID : CVE-2025-45887
Published : May 9, 2025, 3:15 p.m. | 1 hour, 15 minutes ago
Description : Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery (SSRF) in /api/file/getRemoteContent.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 15:15:00 GMT

read more

CVE-2024-11861 - EnerSys AMPA Remote Command Injection Vulnerability

CVE ID : CVE-2024-11861
Published : May 9, 2025, 2:15 p.m. | 2 hours, 16 minutes ago
Description : EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 14:15:00 GMT

read more

CVE-2024-12442 - EnerSys AMPA Command Injection Vulnerability

CVE ID : CVE-2024-12442
Published : May 9, 2025, 2:15 p.m. | 2 hours, 16 minutes ago
Description : EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 14:15:00 GMT

read more

CVE-2025-45885 - PHPGURUKUL Vehicle Parking Management System SQL Injection

CVE ID : CVE-2025-45885
Published : May 9, 2025, 2:15 p.m. | 2 hours, 16 minutes ago
Description : PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file. Attackers can inject malicious code from the parameter 'emailcont' and use it directly in SQL queries.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 14:15:00 GMT

read more

CVE-2025-1087 - Kong Insomnia Desktop Application Template Injection Vulnerability

CVE ID : CVE-2025-1087
Published : May 9, 2025, 12:15 p.m. | 4 hours, 16 minutes ago
Description : Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript execution in the context of the application.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 12:15:00 GMT

read more

CVE-2025-3528 - OpenShift Mirror Registry Privilege Escalation Vulnerability

CVE ID : CVE-2025-3528
Published : May 9, 2025, 12:15 p.m. | 4 hours, 16 minutes ago
Description : A flaw was found in the Mirror Registry. The quay-app container shipped as part of the Mirror Registry for OpenShift has write access to the `/etc/passwd`. This flaw allows a malicious actor with access to the container to modify the passwd file and elevate their privileges to the root user within that pod.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 12:15:00 GMT

read more

CVE-2025-3897 - "WordPress EUCookieLaw Plugin Arbitrary File Read Vulnerability"

CVE ID : CVE-2025-3897
Published : May 9, 2025, 12:15 p.m. | 4 hours, 16 minutes ago
Description : The EUCookieLaw plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.7.2 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. The vulnerability can only be exploited if a caching plugin such as W3 Total Cache is installed and activated.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 12:15:00 GMT

read more

CVE-2025-4206 - Groundhogg WordPress File Deletion Vulnerability (Arbitrary File Deletion)

CVE ID : CVE-2025-4206
Published : May 9, 2025, 12:15 p.m. | 4 hours, 16 minutes ago
Description : The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'process_export_delete' and 'process_import_delete' functions in all versions up to, and including, 4.1.1.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 12:15:00 GMT

read more

CVE-2025-4382 - GRUB TPM Auto- decryption Data Exposure

CVE ID : CVE-2025-4382
Published : May 9, 2025, 12:15 p.m. | 4 hours, 16 minutes ago
Description : A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlying filesystem superblock, GRUB will fail to locate a valid filesystem and enter rescue mode. At this point, the disk is already decrypted, and the decryption key remains loaded in system memory. This scenario may allow an attacker with physical access to access the unencrypted data without any further authentication, thereby compromising data confidentiality. Furthermore, the ability to force this state through filesystem corruption also presents a data integrity concern.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 12:15:00 GMT

read more

CVE-2025-46392 - Apache Commons Configuration Uncontrolled Resource Consumption Vulnerability

CVE ID : CVE-2025-46392
Published : May 9, 2025, 10:15 a.m. | 5 hours, 46 minutes ago
Description : Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenario's where you only load trusted configurations. Users that load untrusted configurations or give attackers control over usage patterns are recommended to upgrade to the 2.x version line, which fixes these issues. Apache Commons Configuration 2.x is not a drop-in replacement, but as it uses a separate Maven groupId and Java package namespace they can be loaded side-by-side, making it possible to do a gradual migration.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 10:15:00 GMT

read more

CVE-2025-3949 - SeedProd Theme Builder Landing Page Builder Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-3949
Published : May 9, 2025, 9:15 a.m. | 6 hours, 46 minutes ago
Description : The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprod_lite_get_revisisons' function in all versions up to, and including, 6.18.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the content of arbitrary landing page revisions.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 09:15:00 GMT

read more

CVE-2025-4403 - WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-4403
Published : May 9, 2025, 9:15 a.m. | 6 hours, 46 minutes ago
Description : The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.1.6 due to accepting a user‐supplied supported_type string and the uploaded filename without enforcing real extension or MIME checks within the upload() function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 09:15:00 GMT

read more

CVE-2025-4471 - Apache Code-projects Jewelery Store Management System Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-4471
Published : May 9, 2025, 8:15 a.m. | 7 hours, 46 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 08:15:00 GMT

read more

CVE-2025-4472 - Code-projects Departmental Store Management System Buffer Overflow Vulnerability

CVE ID : CVE-2025-4472
Published : May 9, 2025, 8:15 a.m. | 7 hours, 46 minutes ago
Description : A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 08:15:00 GMT

read more

CVE-2025-37885 - KVM Linux Kernel MSI Route Handling Use-After-Free Vulnerability

CVE ID : CVE-2025-37885
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardless of the GSI routing type. Updating the IRTE if and only if the new GSI is an MSI results in KVM leaving an IRTE posting to a vCPU. The dangling IRTE can result in interrupts being incorrectly delivered to the guest, and in the worst case scenario can result in use-after-free, e.g. if the VM is torn down, but the underlying host IRQ isn't freed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37886 - Linux Kernel PDS Core Use-After-Free Buffer Overflow

CVE ID : CVE-2025-37886
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: pds_core: make wait_context part of q_info Make the wait_context a full part of the q_info struct rather than a stack variable that goes away after pdsc_adminq_post() is done so that the context is still available after the wait loop has given up. There was a case where a slow development firmware caused the adminq request to time out, but then later the FW finally finished the request and sent the interrupt. The handler tried to complete_all() the completion context that had been created on the stack in pdsc_adminq_post() but no longer existed. This caused bad pointer usage, kernel crashes, and much wailing and gnashing of teeth.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37887 - Linux Kernel PDS_CORE Devlink Command Buffer Overflow

CVE ID : CVE-2025-37887
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command the driver might at the least print garbage and at the worst crash when the user runs the "devlink dev info" devlink command. This happens because the stack variable fw_list is not 0 initialized which results in fw_list.num_fw_slots being a garbage value from the stack. Then the driver tries to access fw_list.fw_names[i] with i >= ARRAY_SIZE and runs off the end of the array. Fix this by initializing the fw_list and by not failing completely if the devcmd fails because other useful information is printed via devlink dev info even if the devcmd fails.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37888 - Intel Mellanox Linux Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37888
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent NULL pointer dereference.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37889 - XEN PCI MSI NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-37889
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends The conversion of the XEN specific global variable pci_msi_ignore_mask to a MSI domain flag, missed the facts that: 1) Legacy architectures do not provide a interrupt domain 2) Parent MSI domains do not necessarily have a domain info attached Both cases result in an unconditional NULL pointer dereference. This was unfortunatly missed in review and testing revealed it late. Cure this by using the existing pci_msi_domain_supports() helper, which handles all possible cases correctly.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-3455 - WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

CVE ID : CVE-2025-3455
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'start_restore' function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-3605 - WordPress Frontend Login and Registration Blocks Privilege Escalation Vulnerability

CVE ID : CVE-2025-3605
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-4467 - SourceCodester Online Student Clearance System SQL Injection Vulnerability

CVE ID : CVE-2025-4467
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-4468 - SourceCodester Online Student Clearance System File Upload Vulnerability

CVE ID : CVE-2025-4468
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument userImage leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-4469 - SourceCodester Online Student Clearance System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4469
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-4470 - SourceCodester Online Student Clearance System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4470
Published : May 9, 2025, 7:16 a.m. | 8 hours, 45 minutes ago
Description : A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-student.php. The manipulation of the argument Fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37884 - Linux Kernel BPF Event Mutex Deadlock

CVE ID : CVE-2025-37884
Published : May 9, 2025, 7:16 a.m. | 7 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs event_mutex and calls sync_rcu_tasks_trace. Above is one such case. CPU B bpf_prog_test_run_syscall() rcu_read_lock_trace() bpf_prog_run_pin_on_cpu() bpf_prog_load() bpf_tracing_func_proto() trace_set_clr_event() mutex_lock(&event_mutex) Delegate trace_set_clr_event() to workqueue to avoid such lock dependency.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37881 - Aspeed USB Gadget NULL Pointer Dereference

CVE ID : CVE-2025-37881
Published : May 9, 2025, 7:16 a.m. | 6 hours, 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() The variable d->name, returned by devm_kasprintf(), could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in commit 3027e7b15b02 ("ice: Fix some null pointer dereference issues in ice_ptp.c"). This issue is found by our static analysis tool
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37882 - Linux Kernel USB xHCI Isochronous Ring Handling Vulnerability

CVE ID : CVE-2025-37882
Published : May 9, 2025, 7:16 a.m. | 6 hours, 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event, a new TD may be queued at this ring position. I can trigger this race by rising interrupt moderation to increase IRQ handling delay. Similar delay may occur naturally due to system load. If this ever happens after a Missed Service Error, missed TDs will be skipped and the new TD processed as if it matched the event. It could be given back prematurely, risking data loss or buffer UAF by the xHC. Don't complete TDs on xrun events and don't warn if queued TDs don't match the event's TRB pointer, which can be NULL or a link/no-op TRB. Don't warn if there are no queued TDs at all. Now that it's safe, also handle xrun events if the skip flag is clear. This ensures completion of any TD stuck in 'error mid TD' state right before the xrun event, which could happen if a driver submits a finite number of URBs to a buggy HC and then an error occurs on the last TD.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37883 - IBM s390 Linux Kernel Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37883
Published : May 9, 2025, 7:16 a.m. | 6 hours, 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper to do the free job.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37876 - Linux NetFS NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-37876
Published : May 9, 2025, 7:16 a.m. | 3 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS When testing a special config: CONFIG_NETFS_SUPPORTS=y CONFIG_PROC_FS=n The system crashes with something like: [ 3.766197] ------------[ cut here ]------------ [ 3.766484] kernel BUG at mm/mempool.c:560! [ 3.766789] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 3.767123] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W [ 3.767777] Tainted: [W]=WARN [ 3.767968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), [ 3.768523] RIP: 0010:mempool_alloc_slab.cold+0x17/0x19 [ 3.768847] Code: 50 fe ff 58 5b 5d 41 5c 41 5d 41 5e 41 5f e9 93 95 13 00 [ 3.769977] RSP: 0018:ffffc90000013998 EFLAGS: 00010286 [ 3.770315] RAX: 000000000000002f RBX: ffff888100ba8640 RCX: 0000000000000000 [ 3.770749] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000ffffffff [ 3.771217] RBP: 0000000000092880 R08: 0000000000000000 R09: ffffc90000013828 [ 3.771664] R10: 0000000000000001 R11: 00000000ffffffea R12: 0000000000092cc0 [ 3.772117] R13: 0000000000000400 R14: ffff8881004b1620 R15: ffffea0004ef7e40 [ 3.772554] FS: 0000000000000000(0000) GS:ffff8881b5f3c000(0000) knlGS:0000000000000000 [ 3.773061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3.773443] CR2: ffffffff830901b4 CR3: 0000000004296001 CR4: 0000000000770ef0 [ 3.773884] PKRU: 55555554 [ 3.774058] Call Trace: [ 3.774232] [ 3.774371] mempool_alloc_noprof+0x6a/0x190 [ 3.774649] ? _printk+0x57/0x80 [ 3.774862] netfs_alloc_request+0x85/0x2ce [ 3.775147] netfs_readahead+0x28/0x170 [ 3.775395] read_pages+0x6c/0x350 [ 3.775623] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.775928] page_cache_ra_unbounded+0x1bd/0x2a0 [ 3.776247] filemap_get_pages+0x139/0x970 [ 3.776510] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.776820] filemap_read+0xf9/0x580 [ 3.777054] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.777368] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.777674] ? find_held_lock+0x32/0x90 [ 3.777929] ? netfs_start_io_read+0x19/0x70 [ 3.778221] ? netfs_start_io_read+0x19/0x70 [ 3.778489] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.778800] ? lock_acquired+0x1e6/0x450 [ 3.779054] ? srso_alias_return_thunk+0x5/0xfbef5 [ 3.779379] netfs_buffered_read_iter+0x57/0x80 [ 3.779670] __kernel_read+0x158/0x2c0 [ 3.779927] bprm_execve+0x300/0x7a0 [ 3.780185] kernel_execve+0x10c/0x140 [ 3.780423] ? __pfx_kernel_init+0x10/0x10 [ 3.780690] kernel_init+0xd5/0x150 [ 3.780910] ret_from_fork+0x2d/0x50 [ 3.781156] ? __pfx_kernel_init+0x10/0x10 [ 3.781414] ret_from_fork_asm+0x1a/0x30 [ 3.781677] [ 3.781823] Modules linked in: [ 3.782065] ---[ end trace 0000000000000000 ]--- This is caused by the following error path in netfs_init(): if (!proc_mkdir("fs/netfs", NULL)) goto error_proc; Fix this by adding ifdef in netfs_main(), so that /proc/fs/netfs is only created with CONFIG_PROC_FS.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37877 - Linux Kernel IOMMU DMA Cleanup Vulnerability

CVE ID : CVE-2025-37877
Published : May 9, 2025, 7:16 a.m. | 3 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma (and even historically the behaviour in this area was at best inconsistent across architectures/drivers...) Although in the case that an IOMMU is present whose driver has failed to probe, users cannot necessarily expect DMA to work anyway, it's still arguable that we should do our best to put things back as if the IOMMU driver was never there at all, and certainly the potential for crashing in iommu-dma itself is undesirable. Make sure we clean up the dev->dma_iommu flag along with everything else.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37878 - Linux Kernel Perf Core Context Assignment Vulnerability

CVE ID : CVE-2025-37878
Published : May 9, 2025, 7:16 a.m. | 3 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init Move the get_ctx(child_ctx) call and the child_event->ctx assignment to occur immediately after the child event is allocated. Ensure that child_event->ctx is non-NULL before any subsequent error path within inherit_event calls free_event(), satisfying the assumptions of the cleanup code. Details: There's no clear Fixes tag, because this bug is a side-effect of multiple interacting commits over time (up to 15 years old), not a single regression. The code initially incremented refcount then assigned context immediately after the child_event was created. Later, an early validity check for child_event was added before the refcount/assignment. Even later, a WARN_ON_ONCE() cleanup check was added, assuming event->ctx is valid if the pmu_ctx is valid. The problem is that the WARN_ON_ONCE() could trigger after the initial check passed but before child_event->ctx was assigned, violating its precondition. The solution is to assign child_event->ctx right after its initial validation. This ensures the context exists for any subsequent checks or cleanup routines, resolving the WARN_ON_ONCE(). To resolve it, defer the refcount update and child_event->ctx assignment directly after child_event->pmu_ctx is set but before checking if the parent event is orphaned. The cleanup routine depends on event->pmu_ctx being non-NULL before it verifies event->ctx is non-NULL. This also maintains the author's original intent of passing in child_ctx to find_get_pmu_context before its refcount/assignment. [ mingo: Expanded the changelog from another email by Gabriel Shahrouzi. ]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37879 - "Linux 9p Client Signed Integer Vulnerability"

CVE ID : CVE-2025-37879
Published : May 9, 2025, 7:16 a.m. | 3 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a negative write/read count then we would consider written (negative) <= rsize (positive) because both variables were signed. Make variables unsigned to avoid this problem. The reproducer linked below now fails with the following error instead of a null pointer deref: 9pnet: bogus RWRITE count (4294967295 > 3)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37880 - Linux um Time-Travel Scheduling Vulnerability (Deadlock)

CVE ID : CVE-2025-37880
Published : May 9, 2025, 7:16 a.m. | 3 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: um: work around sched_yield not yielding in time-travel mode sched_yield by a userspace may not actually cause scheduling in time-travel mode as no time has passed. In the case seen it appears to be a badly implemented userspace spinlock in ASAN. Unfortunately, with time-travel it causes an extreme slowdown or even deadlock depending on the kernel configuration (CONFIG_UML_MAX_USERSPACE_ITERATIONS). Work around it by accounting time to the process whenever it executes a sched_yield syscall.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37875 - "Ionic Gigabit Controller (igc) PTM Trigger Logic Vulnerability"

CVE ID : CVE-2025-37875
Published : May 9, 2025, 7:16 a.m. | 2 hours, 44 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The issue can be reproduced with the following: $ sudo phc2sys -R 1000 -O 0 -i tsn0 -m Note: 1000 Hz (-R 1000) is unrealistically large, but provides a way to quickly reproduce the issue. PHC2SYS exits with: "ioctl PTP_OFFSET_PRECISE: Connection timed out" when the PTM transaction fails This patch also fixes a hang in igc_probe() when loading the igc driver in the kdump kernel on systems supporting PTM. The igc driver running in the base kernel enables PTM trigger in igc_probe(). Therefore the driver is always in PTM trigger mode, except in brief periods when manually triggering a PTM cycle. When a crash occurs, the NIC is reset while PTM trigger is enabled. Due to a hardware problem, the NIC is subsequently in a bad busmaster state and doesn't handle register reads/writes. When running igc_probe() in the kdump kernel, the first register access to a NIC register hangs driver probing and ultimately breaks kdump. With this patch, igc has PTM trigger disabled most of the time, and the trigger is only enabled for very brief (10 - 100 us) periods when manually triggering a PTM cycle. Chances that a crash occurs during a PTM trigger are not 0, but extremely reduced.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37873 - "bnxt Ethernet Driver DMA Mapping Error Crash Vulnerability"

CVE ID : CVE-2025-37873
Published : May 9, 2025, 7:16 a.m. | 1 hour, 15 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missed masking it on the Tx error path. This crashes on error conditions, for example when DMA mapping fails.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37874 - "Netgear BE Wireless Driver Memory Leak"

CVE ID : CVE-2025-37874
Published : May 9, 2025, 7:16 a.m. | 1 hour, 15 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after ngbe_sw_init() don't free the rss_key. Fix that by freeing it in error path along with wx->mac_table. Also change the label to which execution jumps when ngbe_sw_init() fails, because otherwise, it could lead to a double free for rss_key, when the mac_table allocation fails in wx_sw_init().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37871 - Linux Kernel NFSd Deadlock Vulnerability

CVE ID : CVE-2025-37871
Published : May 9, 2025, 7:16 a.m. | 44 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning occurred when invoking nfs4_put_stid following a failed dl_recall queue operation: T1 T2 nfs4_laundromat nfs4_get_client_reaplist nfs4_anylock_blockers __break_lease spin_lock // ctx->flc_lock spin_lock // clp->cl_lock nfs4_lockowner_has_blockers locks_owner_has_blockers spin_lock // flctx->flc_lock nfsd_break_deleg_cb nfsd_break_one_deleg nfs4_put_stid refcount_dec_and_lock spin_lock // clp->cl_lock When a file is opened, an nfs4_delegation is allocated with sc_count initialized to 1, and the file_lease holds a reference to the delegation. The file_lease is then associated with the file through kernel_setlease. The disassociation is performed in nfsd4_delegreturn via the following call chain: nfsd4_delegreturn --> destroy_delegation --> destroy_unhashed_deleg --> nfs4_unlock_deleg_lease --> kernel_setlease --> generic_delete_lease The corresponding sc_count reference will be released after this disassociation. Since nfsd_break_one_deleg executes while holding the flc_lock, the disassociation process becomes blocked when attempting to acquire flc_lock in generic_delete_lease. This means: 1) sc_count in nfsd_break_one_deleg will not be decremented to 0; 2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to acquire cl_lock; 3) Consequently, no deadlock condition is created. Given that sc_count in nfsd_break_one_deleg remains non-zero, we can safely perform refcount_dec on sc_count directly. This approach effectively avoids triggering deadlock warnings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-37872 - NetXtreme Gigabit Ethernet (TXGBE) Memory Leak Vulnerability

CVE ID : CVE-2025-37872
Published : May 9, 2025, 7:16 a.m. | 44 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbe_probe() error path When txgbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in txgbe_probe() function, the subsequent error paths after txgbe_sw_init() don't free the rss_key. Fix that by freeing it in error path along with wx->mac_table. Also change the label to which execution jumps when txgbe_sw_init() fails, because otherwise, it could lead to a double free for rss_key, when the mac_table allocation fails in wx_sw_init().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 07:16:00 GMT

read more

CVE-2025-3462 - ASUS DriverHub HTTP Request Validation Bypass

CVE ID : CVE-2025-3462
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software's features via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-3463 - "ASUS DriverHub HTTP Request Validation Vulnerability"

CVE ID : CVE-2025-3463
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4375 - Sparx Systems Pro Cloud Server CSRF Session Hijacking

CVE ID : CVE-2025-4375
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4376 - Sparx Systems Pro Cloud Server Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4376
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4377 - Sparx Systems Pro Cloud Server Path Traversal

CVE ID : CVE-2025-4377
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.  Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4464 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4464
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument plan leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4465 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4465
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_schedule. The manipulation of the argument member_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-4466 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4466
Published : May 9, 2025, 6:15 a.m. | 15 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=save_payment. The manipulation of the argument registration_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 06:15:00 GMT

read more

CVE-2025-47735 - Wgp Rust Lack of Drop Slow Thread Synchronization

CVE ID : CVE-2025-47735
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks drop_slow thread synchronization.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-47736 - SQLite3 Parser Invalid UTF-8 Input Crash

CVE ID : CVE-2025-47736
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-47737 - Trailer lib.rs Zero-Sized Allocation Mishandle

CVE ID : CVE-2025-47737
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-4461 - TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4461
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : A vulnerability classified as problematic was found in TOTOLINK N150RT 3.4.0-B20190525. This vulnerability affects unknown code of the component Virtual Server Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-4462 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-4462
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-4463 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4463
Published : May 9, 2025, 5:15 a.m. | 1 hour, 15 minutes ago
Description : A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_package. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 05:15:00 GMT

read more

CVE-2025-3710 - "KVM Over IP Switch CL5708IM Stack-based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-3710
Published : May 9, 2025, 4:16 a.m. | 2 hours, 15 minutes ago
Description : The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-3711 - "LCD KVM over IP Switch CL5708IM Stack-based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-3711
Published : May 9, 2025, 4:16 a.m. | 2 hours, 15 minutes ago
Description : The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-3712 - "LCD KVM over IP Switch CL5708IM Heap-based Buffer Overflow Denial-of-Service Vulnerability"

CVE ID : CVE-2025-3712
Published : May 9, 2025, 4:16 a.m. | 2 hours, 15 minutes ago
Description : The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-3713 - "LCD KVM over IP Switch CL5708IM Heap-based Buffer Overflow Denial-of-Service Vulnerability"

CVE ID : CVE-2025-3713
Published : May 9, 2025, 4:16 a.m. | 2 hours, 15 minutes ago
Description : The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-3714 - "LCD KVM over IP Switch CL5708IM Stack-based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-3714
Published : May 9, 2025, 4:16 a.m. | 2 hours, 15 minutes ago
Description : The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4456 - Project Worlds Car Rental Project SQL Injection Vulnerability

CVE ID : CVE-2025-4456
Published : May 9, 2025, 4:16 a.m. | 2 hours, 14 minutes ago
Description : A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4457 - "Project Worlds Car Rental Project SQL Injection Vulnerability"

CVE ID : CVE-2025-4457
Published : May 9, 2025, 4:16 a.m. | 2 hours, 14 minutes ago
Description : A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4458 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4458
Published : May 9, 2025, 4:16 a.m. | 2 hours, 14 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4459 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4459
Published : May 9, 2025, 4:16 a.m. | 2 hours, 14 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4460 - TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4460
Published : May 9, 2025, 4:16 a.m. | 2 hours, 14 minutes ago
Description : A vulnerability classified as problematic has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the component URL Filtering Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 04:16:00 GMT

read more

CVE-2025-4455 - Patch My PC Home Updater DLL Search Path Manipulation Vulnerability

CVE ID : CVE-2025-4455
Published : May 9, 2025, 3:15 a.m. | 3 hours, 15 minutes ago
Description : A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscms.dll/msctf.dll/ntdll.dll/ole32.dll/oleaut32.dll/PresentationNative_cor3.dll/secur32.dll/shcore.dll/shell32.dll/sspicli.dll/System.IO. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-3810 - WordPress WPBookit Privilege Escalation Vulnerability

CVE ID : CVE-2025-3810
Published : May 9, 2025, 3:15 a.m. | 1 hour, 39 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password and email through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses and passwords, including administrators, and leverage that to gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-3811 - WordPress WPBookit Privilege Escalation Account Takeover Vulnerability

CVE ID : CVE-2025-3811
Published : May 9, 2025, 3:15 a.m. | 1 hour, 39 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email through the edit_newdata_customer_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-4434 - WordPress Remote Images Grabber Plugin Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4434
Published : May 9, 2025, 3:15 a.m. | 1 hour, 39 minutes ago
Description : The Remote Images Grabber plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 0.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-4453 - D-Link DIR-619L Remote Command Injection Vulnerability

CVE ID : CVE-2025-4453
Published : May 9, 2025, 3:15 a.m. | 1 hour, 39 minutes ago
Description : A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-4454 - D-Link DIR-619L Wake_on_Lan Command Injection Vulnerability

CVE ID : CVE-2025-4454
Published : May 9, 2025, 3:15 a.m. | 1 hour, 39 minutes ago
Description : A vulnerability was found in D-Link DIR-619L 2.04B04. It has been declared as critical. This vulnerability affects the function wake_on_lan. The manipulation of the argument mac leads to command injection. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 03:15:00 GMT

read more

CVE-2025-4452 - D-Link DIR-619L Buffer Overflow Vulnerability

CVE ID : CVE-2025-4452
Published : May 9, 2025, 2:15 a.m. | 2 hours, 39 minutes ago
Description : A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this issue is the function formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 02:15:00 GMT

read more

CVE-2025-4448 - D-Link DIR-619L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4448
Published : May 9, 2025, 1:15 a.m. | 3 hours, 38 minutes ago
Description : A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 01:15:00 GMT

read more

CVE-2025-4449 - D-Link DIR-619L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4449
Published : May 9, 2025, 1:15 a.m. | 3 hours, 38 minutes ago
Description : A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 01:15:00 GMT

read more

CVE-2025-4450 - D-Link DIR-619L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4450
Published : May 9, 2025, 1:15 a.m. | 3 hours, 38 minutes ago
Description : A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 01:15:00 GMT

read more

CVE-2025-4451 - D-Link DIR-619L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4451
Published : May 9, 2025, 1:15 a.m. | 3 hours, 38 minutes ago
Description : A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 01:15:00 GMT

read more

CVE-2025-4442 - D-Link DIR-605L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4442
Published : May 9, 2025, 12:15 a.m. | 4 hours, 39 minutes ago
Description : A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 00:15:00 GMT

read more

CVE-2025-4443 - D-Link DIR-605L Remote Command Injection Vulnerability

CVE ID : CVE-2025-4443
Published : May 9, 2025, 12:15 a.m. | 4 hours, 39 minutes ago
Description : A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 00:15:00 GMT

read more

CVE-2025-4445 - D-Link DIR-605L Wake-on-LAN Command Injection Vulnerability

CVE ID : CVE-2025-4445
Published : May 9, 2025, 12:15 a.m. | 4 hours, 39 minutes ago
Description : A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 00:15:00 GMT

read more

CVE-2025-4446 - H3C GR-5400AX Local Buffer Overflow Vulnerability

CVE ID : CVE-2025-4446
Published : May 9, 2025, 12:15 a.m. | 4 hours, 39 minutes ago
Description : A vulnerability has been found in H3C GR-5400AX up to 100R008 and classified as critical. This vulnerability affects the function Edit_List_SSID of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack needs to be approached within the local network.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 09 May 2025 00:15:00 GMT

read more

CVE-2025-29813 - Microsoft Visual Studio Pipeline Job Token Elevation of Privilege Vulnerability

CVE ID : CVE-2025-29813
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have to have access to the project and swap the short-term token for a long-term one. The update addresses the vulnerability by correcting how the Visual Studio updater handles these tokens.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-29827 - Azure Automation Unprivileged Elevation of Privilege

CVE ID : CVE-2025-29827
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-29972 - Azure SSRF Spoofing Vulnerability

CVE ID : CVE-2025-29972
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-31946 - Pixmeo OsiriX MD Local Use After Free Vulnerability

CVE ID : CVE-2025-31946
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-33072 - Azure Azure Network Information Disclosure

CVE ID : CVE-2025-33072
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Improper access control in Azure allows an unauthorized attacker to disclose information over a network.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-47732 - Microsoft Dataverse Remote Code Execution (RCE)

CVE ID : CVE-2025-47732
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Microsoft Dataverse Remote Code Execution Vulnerability
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-47733 - Microsoft Power Apps SSRF Vulnerability

CVE ID : CVE-2025-47733
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-4107 - Microsoft Windows SMB Remote Code Execution Vulnerability

CVE ID : CVE-2025-4107
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-4440 - H3C GR-1800AX Buffer Overflow Vulnerability

CVE ID : CVE-2025-4440
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : A vulnerability was found in H3C GR-1800AX up to 100R008 and classified as critical. Affected by this issue is the function EnableIpv6 of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-4441 - D-Link DIR-605L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4441
Published : May 8, 2025, 11:15 p.m. | 4 hours, 44 minutes ago
Description : A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formSetWAN_Wizard534. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-27578 - Pixmeo OsiriX MD Denial-of-Service Use-After-Free Vulnerability

CVE ID : CVE-2025-27578
Published : May 8, 2025, 11:15 p.m. | 3 hours, 15 minutes ago
Description : Pixmeo OsiriX MD is vulnerable to a use after free scenario, which could allow an attacker to upload a crafted DICOM file and cause memory corruption leading to a denial-of-service condition.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-27720 - Pixmeo Osirix MD Unencrypted Credential Disclosure

CVE ID : CVE-2025-27720
Published : May 8, 2025, 11:15 p.m. | 3 hours, 15 minutes ago
Description : The Pixmeo Osirix MD Web Portal sends credential information without encryption, which could allow an attacker to steal credentials.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 23:15:00 GMT

read more

CVE-2025-1329 - IBM CICS TX DNS Rebinding Vulnerability

CVE ID : CVE-2025-1329
Published : May 8, 2025, 10:15 p.m. | 4 hours, 15 minutes ago
Description : IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 22:15:00 GMT

read more

CVE-2025-1330 - IBM CICS TX DNS Code Injection

CVE ID : CVE-2025-1330
Published : May 8, 2025, 10:15 p.m. | 4 hours, 15 minutes ago
Description : IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1  could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 22:15:00 GMT

read more

CVE-2025-1331 - IBM CICS TX Buffer Overflow Vulnerability

CVE ID : CVE-2025-1331
Published : May 8, 2025, 10:15 p.m. | 4 hours, 15 minutes ago
Description : IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the gets function.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 22:15:00 GMT

read more

CVE-2025-28074 - phpList XSS Injection

CVE ID : CVE-2025-28074
Published : May 8, 2025, 9:15 p.m. | 5 hours, 15 minutes ago
Description : phpList prior to 3.6.3 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when the application dynamically references internal paths and processes untrusted input without escaping, allowing an attacker to inject malicious JavaScript.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 21:15:00 GMT

read more

CVE-2023-31585 - Grocery-CMS-PHP Unauthenticated File Upload Vulnerability

CVE ID : CVE-2023-31585
Published : May 8, 2025, 9:15 p.m. | 2 hours, 22 minutes ago
Description : Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 21:15:00 GMT

read more

CVE-2025-45790 - TOTOLINK A3100R Buffer Overflow Vulnerability

CVE ID : CVE-2025-45790
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-45797 - TOTOlink A950RG Buffer Overflow Vulnerability in NoticeUrl Parameter

CVE ID : CVE-2025-45797
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-45798 - TOTOLINK A950RG Command Execution Vulnerability

CVE ID : CVE-2025-45798
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, specifically in the processing of the IpTo parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-46336 - Rack::Session Pool Session Restoration Vulnerability

CVE ID : CVE-2025-46336
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been patched in version 2.1.1.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-46712 - Erlang/OTP SSH Man-in-the-Middle Injection Vulnerability

CVE ID : CVE-2025-46712
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-46812 - Trix Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46812
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This issue has been patched in version 2.1.15.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-46833 - Apache SimplePythonEncryption RSA Brute Force Decryption Vulnerability

CVE ID : CVE-2025-46833
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may be able to decrypt the data using brute force attacks and because of this the whole application can be impacted. This issue has been patched in commit 6ce60b1. A workaround involves increasing the key size, for RSA or DSA this is at least 2048 bits, for ECC this is at least 256 bits.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-4475 - Here is a potential title for the vulnerability:"Apache Struts Remote Code Execution Vulnerability"

CVE ID : CVE-2025-4475
Published : May 8, 2025, 8:15 p.m. | 3 hours, 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2024-9448 - Arista EOS Traffic Policy Unvalidated Packet Forwarding

CVE ID : CVE-2024-9448
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-28073 - phpList Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-28073
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : phpList 3.6.3 is vulnerable to Reflected Cross-Site Scripting (XSS) via the /lists/dl.php endpoint. An attacker can inject arbitrary JavaScript code by manipulating the id parameter, which is improperly sanitized.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-44023 - D-Link DNS-320 Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-44023
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-45787 - Totolink A3100R Buffer Overflow Vulnerability

CVE ID : CVE-2025-45787
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-45788 - TOTOLINK A3100R Buffer Overflow Vulnerability

CVE ID : CVE-2025-45788
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2025-45789 - TOTOLINK A3100R Buffer Overflow

CVE ID : CVE-2025-45789
Published : May 8, 2025, 8:15 p.m. | 2 hours, 38 minutes ago
Description : TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 20:15:00 GMT

read more

CVE-2024-8100 - Arista CloudVision Portal - Token Privilege Escalation

CVE ID : CVE-2024-8100
Published : May 8, 2025, 7:16 p.m. | 3 hours, 38 minutes ago
Description : On affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be used to gain admin privileges on CloudVision.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 19:16:00 GMT

read more

CVE-2025-0505 - "Arista CloudVision Zero Touch Provisioning Privilege Escalation"

CVE ID : CVE-2025-0505
Published : May 8, 2025, 7:16 p.m. | 3 hours, 38 minutes ago
Description : On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that CloudVision as-a-Service is not affected.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 19:16:00 GMT

read more

CVE-2025-27695 - Dell Wyse Management Suite Authentication Bypass

CVE ID : CVE-2025-27695
Published : May 8, 2025, 7:16 p.m. | 3 hours, 38 minutes ago
Description : Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by Spoofing vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 19:16:00 GMT

read more

CVE-2024-11186 - Arista CloudVision Portal Elevated Privilege Access Vulnerability

CVE ID : CVE-2024-11186
Published : May 8, 2025, 7:15 p.m. | 3 hours, 38 minutes ago
Description : On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 19:15:00 GMT

read more

CVE-2024-12378 - Arista EOS Unencrypted VxLAN Tunnel Exposure

CVE ID : CVE-2024-12378
Published : May 8, 2025, 7:15 p.m. | 3 hours, 38 minutes ago
Description : On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 19:15:00 GMT

read more

CVE-2025-4098 - Horner Automation Cscape Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-4098
Published : May 8, 2025, 6:15 p.m. | 4 hours, 38 minutes ago
Description : Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 18:15:00 GMT

read more

CVE-2025-1948 - Jetty HTTP/2 Buffer Overflow

CVE ID : CVE-2025-1948
Published : May 8, 2025, 6:15 p.m. | 3 hours, 43 minutes ago
Description : In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE. The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 18:15:00 GMT

read more

CVE-2025-30101 - Dell PowerScale OneFS TOCTOU Race Condition Vulnerability

CVE ID : CVE-2025-30101
Published : May 8, 2025, 6:15 p.m. | 3 hours, 42 minutes ago
Description : Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 18:15:00 GMT

read more

CVE-2025-30102 - Dell PowerScale OneFS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-30102
Published : May 8, 2025, 6:15 p.m. | 3 hours, 42 minutes ago
Description : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 18:15:00 GMT

read more

CVE-2024-13009 - Eclipse Jetty Gzip Buffer Release Vulnerability

CVE ID : CVE-2024-13009
Published : May 8, 2025, 6:15 p.m. | 2 hours, 38 minutes ago
Description : In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 18:15:00 GMT

read more

CVE-2025-44021 - OpenStack Ironic Unintended File Writing Vulnerability

CVE ID : CVE-2025-44021
Published : May 8, 2025, 5:16 p.m. | 3 hours, 38 minutes ago
Description : OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, because a node deployed in this manner should never reach the ACTIVE state, but it still represents a danger in environments running with non-default, insecure configurations such as with automated cleaning disabled. The fixed versions are 24.1.3, 26.1.1, and 29.0.1.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 17:16:00 GMT

read more

CVE-2025-26845 - Znuny Eval Injection Vulnerability

CVE ID : CVE-2025-26845
Published : May 8, 2025, 5:16 p.m. | 2 hours, 42 minutes ago
Description : An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 17:16:00 GMT

read more

CVE-2025-26847 - Znuny Support Bundle Password Exposure Vulnerability

CVE ID : CVE-2025-26847
Published : May 8, 2025, 5:16 p.m. | 2 hours, 42 minutes ago
Description : An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 17:16:00 GMT

read more

CVE-2023-51328 - PHPJabbers Cleaning Business Software Stored XSS

CVE ID : CVE-2023-51328
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, name" parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-26842 - Znuny S/MIME Encryption Information Disclosure Vulnerability

CVE ID : CVE-2025-26842
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-26844 - Znuny Cookie Without HttpOnly Flag Vulnerability

CVE ID : CVE-2025-26844
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-43926 - Znuny Unauthenticated User Preference Injection Vulnerability

CVE ID : CVE-2025-43926
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other function calls, which then might use these keys/values to affect permissions or other settings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45841 - TOTOLINK NR1800X Remote Stack Overflow Vulnerability

CVE ID : CVE-2025-45841
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45842 - TOTOLINK NR1800X Buffer Overflow Vulnerability

CVE ID : CVE-2025-45842
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45843 - TOTOLINK NR1800X Router Authenticated Stack Overflow Vulnerability

CVE ID : CVE-2025-45843
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45844 - TOTOLINK NR1800X Router Stack Overflow Vulnerability

CVE ID : CVE-2025-45844
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45845 - TOTOLINK NR1800X Stack Overflow Vulnerability

CVE ID : CVE-2025-45845
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45846 - ALFA AIP-W512 Stack Overflow Vulnerability

CVE ID : CVE-2025-45846
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the torrentsindex parameter in the formBTClinetSetting function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45847 - ALFA AIP-W512 Remote Stack-Based Buffer Overflow

CVE ID : CVE-2025-45847
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated stack overflow via the targetAPMac parameter in the formWsc function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-4132 - Rapid7 Corporate Website Open Redirect Vulnerability

CVE ID : CVE-2025-4132
Published : May 8, 2025, 4:15 p.m. | 3 hours, 43 minutes ago
Description : Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Redirection to Untrusted Site ('Open Redirect') vulnerability whereby, due to misconfigured headers, an attacker could successfully redirect users to a malicious site of their control. This vulnerability has been fixed as of May 2nd 2025.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2023-51295 - PHPJabbers Event Booking Calendar HTML Injection Vulnerability

CVE ID : CVE-2023-51295
Published : May 8, 2025, 4:15 p.m. | 2 hours, 15 minutes ago
Description : PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 16:15:00 GMT

read more

CVE-2025-45818 - Slims Senayan Library Management Systems SQL Injection Vulnerability

CVE ID : CVE-2025-45818
Published : May 8, 2025, 3:15 p.m. | 3 hours, 14 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/item_status.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 15:15:00 GMT

read more

CVE-2025-45819 - Slims Senayan Library Management Systems SQL Injection

CVE ID : CVE-2025-45819
Published : May 8, 2025, 3:15 p.m. | 3 hours, 14 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/author.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 15:15:00 GMT

read more

CVE-2025-45820 - Slims Senayan Library Management Systems SQL Injection Vulnerability

CVE ID : CVE-2025-45820
Published : May 8, 2025, 3:15 p.m. | 3 hours, 14 minutes ago
Description : Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/bibliography/pop_author_edit.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 15:15:00 GMT

read more

CVE-2025-4207 - PostgreSQL Buffer Over-Read Denial of Service

CVE ID : CVE-2025-4207
Published : May 8, 2025, 3:15 p.m. | 3 hours, 14 minutes ago
Description : Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 15:15:00 GMT

read more

CVE-2025-47729 - TeleMessage End-to-End Encryption Vulnerability

CVE ID : CVE-2025-47729
Published : May 8, 2025, 2:15 p.m. | 3 hours, 42 minutes ago
Description : The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.
Severity: 1.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 14:15:00 GMT

read more

CVE-2025-47730 - TeleMessage API Authentication Token Disclosure

CVE ID : CVE-2025-47730
Published : May 8, 2025, 2:15 p.m. | 3 hours, 42 minutes ago
Description : The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 14:15:00 GMT

read more

CVE-2024-6648 - AP Page Builder Path Traversal RCE

CVE ID : CVE-2024-6648
Published : May 8, 2025, 1:15 p.m. | 4 hours, 42 minutes ago
Description : Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'product_item_path' within the 'config' JSON file, allowing them to read any file on the system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 13:15:00 GMT

read more

CVE-2025-3862 - Contest Gallery WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3862
Published : May 8, 2025, 12:15 p.m. | 5 hours, 43 minutes ago
Description : Contest Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 26.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 12:15:00 GMT

read more

CVE-2025-4208 - NEX-Forms PHP Code Execution Vulnerability

CVE ID : CVE-2025-4208
Published : May 8, 2025, 12:15 p.m. | 5 hours, 43 minutes ago
Description : The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Limited Code Execution in all versions up to, and including, 8.9.1 via the get_table_records function. This is due to the unsanitized use of user-supplied input in call_user_func(). This makes it possible for authenticated attackers, with Custom-level access, to execute arbitrary PHP functions that meet specific constraints (static methods or global functions accepting a single array parameter).
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 12:15:00 GMT

read more

CVE-2025-2806 - TagDiv Composer WordPress Reflected Cross-Site Scripting

CVE ID : CVE-2025-2806
Published : May 8, 2025, 12:15 p.m. | 4 hours, 38 minutes ago
Description : The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected Cross-Site Scripting via the ‘data’ parameter in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 12:15:00 GMT

read more

CVE-2025-3468 - NEX-Forms Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3468
Published : May 8, 2025, 12:15 p.m. | 4 hours, 38 minutes ago
Description : The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the clean_html and form_fields parameters in all versions up to, and including, 8.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 12:15:00 GMT

read more

CVE-2025-3506 - Checkmk Unauthenticated File Access Vulnerability

CVE ID : CVE-2025-3506
Published : May 8, 2025, 12:15 p.m. | 4 hours, 38 minutes ago
Description : Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 12:15:00 GMT

read more

CVE-2025-3758 - WF2220 Information Disclosure in Western Digital Router

CVE ID : CVE-2025-3758
Published : May 8, 2025, 10:15 a.m. | 5 hours, 41 minutes ago
Description : WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 10:15:00 GMT

read more

CVE-2025-3759 - Netgear IGD Unauthenticated Configuration Change Vulnerability

CVE ID : CVE-2025-3759
Published : May 8, 2025, 10:15 a.m. | 5 hours, 41 minutes ago
Description : Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 10:15:00 GMT

read more

CVE-2025-41450 - Danfoss AK-SM 8xxA Series Authentication Bypass

CVE ID : CVE-2025-41450
Published : May 8, 2025, 10:15 a.m. | 5 hours, 41 minutes ago
Description : Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM 8xxA Series prior to version 4.2
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 10:15:00 GMT

read more

CVE-2025-1252 - RTI Connext Professional Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-1252
Published : May 8, 2025, 9:15 a.m. | 6 hours, 41 minutes ago
Description : Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.4 before 6.1.2.23.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 09:15:00 GMT

read more

CVE-2025-1253 - RTI Connext Professional Classic Buffer Overflow

CVE ID : CVE-2025-1253
Published : May 8, 2025, 9:15 a.m. | 6 hours, 41 minutes ago
Description : Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.5 before 6.1.2.23.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 09:15:00 GMT

read more

CVE-2025-1254 - RTI Connext Professional Core Libraries Out-of-bounds Read/Write Vulnerability

CVE ID : CVE-2025-1254
Published : May 8, 2025, 9:15 a.m. | 6 hours, 41 minutes ago
Description : Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1.2.23.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 09:15:00 GMT

read more

CVE-2025-40846 - Halo Open Redirect and Cross Site Scripting Vulnerability

CVE ID : CVE-2025-40846
Published : May 8, 2025, 9:15 a.m. | 6 hours, 41 minutes ago
Description : Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and inject JavaScript code to perform cross site scripting attack. The vulnerability affects Halo versions up to 2.174.101 and all versions between 2.175.1 and 2.184.21
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 09:15:00 GMT

read more

CVE-2025-37830 - Linux Kernel cpufreq scmi Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37830
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37831 - Apple Soc cpufreq Null Pointer Dereference

CVE ID : CVE-2025-37831
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37832 - Allwinner cpufreq sun50i Linux Kernel Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-37832
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: cpufreq: sun50i: prevent out-of-bounds access A KASAN enabled kernel reports an out-of-bounds access when handling the nvmem cell in the sun50i cpufreq driver: ================================================================== BUG: KASAN: slab-out-of-bounds in sun50i_cpufreq_nvmem_probe+0x180/0x3d4 Read of size 4 at addr ffff000006bf31e0 by task kworker/u16:1/38 This is because the DT specifies the nvmem cell as covering only two bytes, but we use a u32 pointer to read the value. DTs for other SoCs indeed specify 4 bytes, so we cannot just shorten the variable to a u16. Fortunately nvmem_cell_read() allows to return the length of the nvmem cell, in bytes, so we can use that information to only access the valid portion of the data. To cover multiple cell sizes, use memcpy() to copy the information into a zeroed u32 buffer, then also make sure we always read the data in little endian fashion, as this is how the data is stored in the SID efuses.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37833 - Linux Niu PCI-MSIX Touch Entry Data Vulnerability

CVE ID : CVE-2025-37833
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in the hardware or firmware. For each vector entry in the msix table, niu chips will cause a fatal trap if any registers in that entry are read before that entries' ENTRY_DATA register is written to. Testing indicates writes to other registers are not sufficient to prevent the fatal trap, however the value does not appear to matter. This only needs to happen once after power up, so simply rebooting into a kernel lacking this fix will NOT cause the trap. NON-RESUMABLE ERROR: Reporting on cpu 64 NON-RESUMABLE ERROR: TPC [0x00000000005f6900] NON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff NON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000] NON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff] NON-RESUMABLE ERROR: type [precise nonresumable] NON-RESUMABLE ERROR: attrs [0x02000080] < ASI sp-faulted priv > NON-RESUMABLE ERROR: raddr [0xffffffffffffffff] NON-RESUMABLE ERROR: insn effective address [0x000000c50020000c] NON-RESUMABLE ERROR: size [0x8] NON-RESUMABLE ERROR: asi [0x00] CPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63 Workqueue: events work_for_cpu_fn TSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted TPC: g0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100 g4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000 o0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620 o4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128 RPC: <__pci_enable_msix_range+0x3cc/0x460> l0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020 l4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734 i0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d i4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0 I7: Call Trace: [<00000000101888b0>] niu_try_msix.constprop.0+0xc0/0x130 [niu] [<000000001018f840>] niu_get_invariants+0x183c/0x207c [niu] [<00000000101902fc>] niu_pci_init_one+0x27c/0x2fc [niu] [<00000000005ef3e4>] local_pci_probe+0x28/0x74 [<0000000000469240>] work_for_cpu_fn+0x8/0x1c [<000000000046b008>] process_scheduled_works+0x144/0x210 [<000000000046b518>] worker_thread+0x13c/0x1c0 [<00000000004710e0>] kthread+0xb8/0xc8 [<00000000004060c8>] ret_from_fork+0x1c/0x2c [<0000000000000000>] 0x0 Kernel panic - not syncing: Non-resumable error.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37834 - Linux Kernel: Dirty Swapcache Page Reclamation Vulnerability

CVE ID : CVE-2025-37834
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at process virtual address 0x20ffd000 Memory failure: 0x18b00e: dirty swapcache page still referenced by 2 users Memory failure: 0x18b00e: recovery action for dirty swapcache page: Failed page: refcount:2 mapcount:0 mapping:0000000000000000 index:0x20ffd pfn:0x18b00e memcg:ffff0000dd6d9000 anon flags: 0x5ffffe00482011(locked|dirty|arch_1|swapbacked|hwpoison|node=0|zone=2|lastcpupid=0xfffff) raw: 005ffffe00482011 dead000000000100 dead000000000122 ffff0000e232a7c9 raw: 0000000000020ffd 0000000000000000 00000002ffffffff ffff0000dd6d9000 page dumped because: VM_BUG_ON_FOLIO(!folio_test_uptodate(folio)) ------------[ cut here ]------------ kernel BUG at mm/swap_state.c:184! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules linked in: CPU: 0 PID: 60 Comm: kswapd0 Not tainted 6.6.0-gcb097e7de84e #3 Hardware name: linux,dummy-virt (DT) pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : add_to_swap+0xbc/0x158 lr : add_to_swap+0xbc/0x158 sp : ffff800087f37340 x29: ffff800087f37340 x28: fffffc00052c0380 x27: ffff800087f37780 x26: ffff800087f37490 x25: ffff800087f37c78 x24: ffff800087f377a0 x23: ffff800087f37c50 x22: 0000000000000000 x21: fffffc00052c03b4 x20: 0000000000000000 x19: fffffc00052c0380 x18: 0000000000000000 x17: 296f696c6f662865 x16: 7461646f7470755f x15: 747365745f6f696c x14: 6f6621284f494c4f x13: 0000000000000001 x12: ffff600036d8b97b x11: 1fffe00036d8b97a x10: ffff600036d8b97a x9 : dfff800000000000 x8 : 00009fffc9274686 x7 : ffff0001b6c5cbd3 x6 : 0000000000000001 x5 : ffff0000c25896c0 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 0000000000000000 x1 : ffff0000c25896c0 x0 : 0000000000000000 Call trace: add_to_swap+0xbc/0x158 shrink_folio_list+0x12ac/0x2648 shrink_inactive_list+0x318/0x948 shrink_lruvec+0x450/0x720 shrink_node_memcgs+0x280/0x4a8 shrink_node+0x128/0x978 balance_pgdat+0x4f0/0xb20 kswapd+0x228/0x438 kthread+0x214/0x230 ret_from_fork+0x10/0x20 I can reproduce this issue with the following steps: 1) When a dirty swapcache page is isolated by reclaim process and the page isn't locked, inject memory failure for the page. me_swapcache_dirty() clears uptodate flag and tries to delete from lru, but fails. Reclaim process will put the hwpoisoned page back to lru. 2) The process that maps the hwpoisoned page exits, the page is deleted the page will never be freed and will be in the lru forever. 3) If we trigger a reclaim again and tries to reclaim the page, add_to_swap() will trigger VM_BUG_ON_FOLIO due to the uptodate flag is cleared. To fix it, skip the hwpoisoned page in shrink_folio_list(). Besides, the hwpoison folio may not be unmapped by hwpoison_user_mappings() yet, unmap it in shrink_folio_list(), otherwise the folio will fail to be unmaped by hwpoison_user_mappings() since the folio isn't in lru list.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-4127 - "WP SEO Structured Data Schema Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-4127
Published : May 8, 2025, 7:15 a.m. | 8 hours, 41 minutes ago
Description : The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Price Range’ parameter in all versions up to, and including, 2.7.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts that will execute whenever an administrator accesses the plugin settings page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37826 - Linux Kernel UFS SCSI Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37826
Published : May 8, 2025, 7:15 a.m. | 7 hours, 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 ("scsi: ufs: core: Fix ufshcd_abort_one racing issue").
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37827 - Here is a title for the vulnerability:"btrfs: RAID1 Profile Write Pointer Offset Mismatch NULL Pointer Dereference"

CVE ID : CVE-2025-37827
Published : May 8, 2025, 7:15 a.m. | 7 hours, 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in __btrfs_add_free_space_zoned() that ultimately happens because a conversion from the default metadata profile DUP to a RAID1 profile on two disks. The stack trace has the following signature: BTRFS error (device sdc): zoned: write pointer offset mismatch of zones in raid1 profile BUG: kernel NULL pointer dereference, address: 0000000000000058 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:__btrfs_add_free_space_zoned.isra.0+0x61/0x1a0 RSP: 0018:ffffa236b6f3f6d0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff96c8132f3400 RCX: 0000000000000001 RDX: 0000000010000000 RSI: 0000000000000000 RDI: ffff96c8132f3410 RBP: 0000000010000000 R08: 0000000000000003 R09: 0000000000000000 R10: 0000000000000000 R11: 00000000ffffffff R12: 0000000000000000 R13: ffff96c758f65a40 R14: 0000000000000001 R15: 000011aac0000000 FS: 00007fdab1cb2900(0000) GS:ffff96e60ca00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000058 CR3: 00000001a05ae000 CR4: 0000000000350ef0 Call Trace: ? __die_body.cold+0x19/0x27 ? page_fault_oops+0x15c/0x2f0 ? exc_page_fault+0x7e/0x180 ? asm_exc_page_fault+0x26/0x30 ? __btrfs_add_free_space_zoned.isra.0+0x61/0x1a0 btrfs_add_free_space_async_trimmed+0x34/0x40 btrfs_add_new_free_space+0x107/0x120 btrfs_make_block_group+0x104/0x2b0 btrfs_create_chunk+0x977/0xf20 btrfs_chunk_alloc+0x174/0x510 ? srso_return_thunk+0x5/0x5f btrfs_inc_block_group_ro+0x1b1/0x230 btrfs_relocate_block_group+0x9e/0x410 btrfs_relocate_chunk+0x3f/0x130 btrfs_balance+0x8ac/0x12b0 ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? __kmalloc_cache_noprof+0x14c/0x3e0 btrfs_ioctl+0x2686/0x2a80 ? srso_return_thunk+0x5/0x5f ? ioctl_has_perm.constprop.0.isra.0+0xd2/0x120 __x64_sys_ioctl+0x97/0xc0 do_syscall_64+0x82/0x160 ? srso_return_thunk+0x5/0x5f ? __memcg_slab_free_hook+0x11a/0x170 ? srso_return_thunk+0x5/0x5f ? kmem_cache_free+0x3f0/0x450 ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? syscall_exit_to_user_mode+0x10/0x210 ? srso_return_thunk+0x5/0x5f ? do_syscall_64+0x8e/0x160 ? sysfs_emit+0xaf/0xc0 ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? seq_read_iter+0x207/0x460 ? srso_return_thunk+0x5/0x5f ? vfs_read+0x29c/0x370 ? srso_return_thunk+0x5/0x5f ? srso_return_thunk+0x5/0x5f ? syscall_exit_to_user_mode+0x10/0x210 ? srso_return_thunk+0x5/0x5f ? do_syscall_64+0x8e/0x160 ? srso_return_thunk+0x5/0x5f ? exc_page_fault+0x7e/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fdab1e0ca6d RSP: 002b:00007ffeb2b60c80 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdab1e0ca6d RDX: 00007ffeb2b60d80 RSI: 00000000c4009420 RDI: 0000000000000003 RBP: 00007ffeb2b60cd0 R08: 0000000000000000 R09: 0000000000000013 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffeb2b6343b R14: 00007ffeb2b60d80 R15: 0000000000000001 CR2: 0000000000000058 ---[ end trace 0000000000000000 ]--- The 1st line is the most interesting here: BTRFS error (device sdc): zoned: write pointer offset mismatch of zones in raid1 profile When a RAID1 block-group is created and a write pointer mismatch between the disks in the RAID set is detected, btrfs sets the alloc_offset to the length of the block group marking it as full. Afterwards the code expects that a balance operation will evacuate the data in this block-group and repair the problems. But before this is possible, the new space of this block-group will be accounted in the free space cache. But in __btrfs_ ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37828 - "ufs Linux Kernel NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-37828
Published : May 8, 2025, 7:15 a.m. | 7 hours, 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort() A race can occur between the MCQ completion path and the abort handler: once a request completes, __blk_mq_free_request() sets rq->mq_hctx to NULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in ufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is dereferenced, the kernel will crash. Add a NULL check for the returned hwq pointer. If hwq is NULL, log an error and return FAILED, preventing a potential NULL-pointer dereference. As suggested by Bart, the ufshcd_cmd_inflight() check is removed. This is similar to the fix in commit 74736103fb41 ("scsi: ufs: core: Fix ufshcd_abort_one racing issue"). This is found by our static analysis tool KNighter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37829 - "Linux cpufreq: NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-37829
Published : May 8, 2025, 7:15 a.m. | 7 hours, 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scpi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37824 - Linux Kernel Tipc NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-37824
Published : May 8, 2025, 7:15 a.m. | 6 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported: tipc: Node number set to 1055423674 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Workqueue: events tipc_net_finalize_work RIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719 ... RSP: 0018:ffffc9000356fb68 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba RDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010 RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007 R13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010 FS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238 process_scheduled_works kernel/workqueue.c:3319 [inline] worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400 kthread+0x3c2/0x780 kernel/kthread.c:464 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 ... RIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719 ... RSP: 0018:ffffc9000356fb68 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba RDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010 RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007 R13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010 FS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 There is a racing condition between workqueue created when enabling bearer and another thread created when disabling bearer right after that as follow: enabling_bearer | disabling_bearer --------------- | ---------------- tipc_disc_timeout() | { | bearer_disable() ... | { schedule_work(&tn->work); | tipc_mon_delete() ... | { } | ... | write_lock_bh(&mon->lock); | mon->self = NULL; | write_unlock_bh(&mon->lock); | ... | } tipc_net_finalize_work() | } { | ... | tipc_net_finalize() | { | ... | tipc_mon_reinit_self() | { | ... | write_lock_bh(&mon->lock); | mon->self->addr = tipc_own_addr(net); | write_unlock_bh(&mon->lock); | ... ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37825 - "Nvidia Nvmet Out-of-Bounds Access Vulnerability"

CVE ID : CVE-2025-37825
Published : May 8, 2025, 7:15 a.m. | 6 hours, 41 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nvmet: fix out-of-bounds access in nvmet_enable_port When trying to enable a port that has no transport configured yet, nvmet_enable_port() uses NVMF_TRTYPE_MAX (255) to query the transports array, causing an out-of-bounds access: [ 106.058694] BUG: KASAN: global-out-of-bounds in nvmet_enable_port+0x42/0x1da [ 106.058719] Read of size 8 at addr ffffffff89dafa58 by task ln/632 [...] [ 106.076026] nvmet: transport type 255 not supported Since commit 200adac75888, NVMF_TRTYPE_MAX is the default state as configured by nvmet_ports_make(). Avoid this by checking for NVMF_TRTYPE_MAX before proceeding.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37823 - Linux Kernel Net-Sched HFSC Use-After-Free Vulnerability

CVE ID : CVE-2025-37823
Published : May 8, 2025, 7:15 a.m. | 5 hours, 38 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37818 - LoongArch Linux Kernel Invalid PMD Pointer Dereference Vulnerability

CVE ID : CVE-2025-37818
Published : May 8, 2025, 7:15 a.m. | 4 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: LoongArch: Return NULL from huge_pte_offset() for invalid PMD LoongArch's huge_pte_offset() currently returns a pointer to a PMD slot even if the underlying entry points to invalid_pte_table (indicating no mapping). Callers like smaps_hugetlb_range() fetch this invalid entry value (the address of invalid_pte_table) via this pointer. The generic is_swap_pte() check then incorrectly identifies this address as a swap entry on LoongArch, because it satisfies the "!pte_present() && !pte_none()" conditions. This misinterpretation, combined with a coincidental match by is_migration_entry() on the address bits, leads to kernel crashes in pfn_swap_entry_to_page(). Fix this at the architecture level by modifying huge_pte_offset() to check the PMD entry's content using pmd_none() before returning. If the entry is invalid (i.e., it points to invalid_pte_table), return NULL instead of the pointer to the slot.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37819 - "Linux Kernel GICv2m Use After Free Vulnerability in irqchip"

CVE ID : CVE-2025-37819
Published : May 8, 2025, 7:15 a.m. | 4 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a PCI host bridge probe. But, the call back is wrongly marked as __init, causing it to be freed, while being registered with the PCI subsystem and could trigger: Unable to handle kernel paging request at virtual address ffff8000816c0400 gicv2m_get_fwnode+0x0/0x58 (P) pci_set_bus_msi_domain+0x74/0x88 pci_register_host_bridge+0x194/0x548 This is easily reproducible on a Juno board with ACPI boot. Retain the function for later use.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37820 - Xen-netfront NULL Pointer Dereference and Memory Leak Vulnerability

CVE ID : CVE-2025-37820
Published : May 8, 2025, 7:15 a.m. | 4 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() The function xdp_convert_buff_to_frame() may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or invalid data. Failing to check for NULL may lead to a NULL pointer dereference if the result is used later in processing, potentially causing crashes, data corruption, or undefined behavior. On XDP redirect failure, the associated page must be released explicitly if it was previously retained via get_page(). Failing to do so may result in a memory leak, as the pages reference count is not decremented.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37821 - Linux Kernel Sched Eevdf Crash

CVE ID : CVE-2025-37821
Published : May 8, 2025, 7:15 a.m. | 4 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash There is a code path in dequeue_entities() that can set the slice of a sched_entity to U64_MAX, which sometimes results in a crash. The offending case is when dequeue_entities() is called to dequeue a delayed group entity, and then the entity's parent's dequeue is delayed. In that case: 1. In the if (entity_is_task(se)) else block at the beginning of dequeue_entities(), slice is set to cfs_rq_min_slice(group_cfs_rq(se)). If the entity was delayed, then it has no queued tasks, so cfs_rq_min_slice() returns U64_MAX. 2. The first for_each_sched_entity() loop dequeues the entity. 3. If the entity was its parent's only child, then the next iteration tries to dequeue the parent. 4. If the parent's dequeue needs to be delayed, then it breaks from the first for_each_sched_entity() loop _without updating slice_. 5. The second for_each_sched_entity() loop sets the parent's ->slice to the saved slice, which is still U64_MAX. This throws off subsequent calculations with potentially catastrophic results. A manifestation we saw in production was: 6. In update_entity_lag(), se->slice is used to calculate limit, which ends up as a huge negative number. 7. limit is used in se->vlag = clamp(vlag, -limit, limit). Because limit is negative, vlag > limit, so se->vlag is set to the same huge negative number. 8. In place_entity(), se->vlag is scaled, which overflows and results in another huge (positive or negative) number. 9. The adjusted lag is subtracted from se->vruntime, which increases or decreases se->vruntime by a huge number. 10. pick_eevdf() calls entity_eligible()/vruntime_eligible(), which incorrectly returns false because the vruntime is so far from the other vruntimes on the queue, causing the (vruntime - cfs_rq->min_vruntime) * load calulation to overflow. 11. Nothing appears to be eligible, so pick_eevdf() returns NULL. 12. pick_next_entity() tries to dereference the return value of pick_eevdf() and crashes. Dumping the cfs_rq states from the core dumps with drgn showed tell-tale huge vruntime ranges and bogus vlag values, and I also traced se->slice being set to U64_MAX on live systems (which was usually "benign" since the rest of the runqueue needed to be in a particular state to crash). Fix it in dequeue_entities() by always setting slice from the first non-empty cfs_rq.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37822 - RISC-V Linux Kernel Uprobes Fence Vulnerability

CVE ID : CVE-2025-37822
Published : May 8, 2025, 7:15 a.m. | 4 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL (execute out-of-line) buffer is used to single-step the replaced instruction(s) for uprobes. The RISC-V port was missing a proper fence.i (i$ flushing) after constructing the XOL buffer, which can result in incorrect execution of stale/broken instructions. This was found running the BPF selftests "test_progs: uprobe_autoattach, attach_probe" on the Spacemit K1/X60, where the uprobes tests randomly blew up.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37815 - "Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability"

CVE ID : CVE-2025-37815
Published : May 8, 2025, 7:15 a.m. | 2 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current interrupt state before handling the interrupt request using generic_handle_irq. A previous fix patch was submitted where 'generic_handle_irq' was replaced with 'handle_nested_irq'. However, this change also causes the kernel panic where after determining which GPIO triggered the interrupt and attempting to call handle_nested_irq with the mapped IRQ number, leads to a failure in locating the registered handler.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37816 - Linux Kernel Mei VSC Buffer Overflow Vulnerability

CVE ID : CVE-2025-37816
Published : May 8, 2025, 7:15 a.m. | 2 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use gcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[] and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it contains the actual packet length *without* the crc. So as soon as vsc_tp_xfer() tries to add the crc to buf[] the fortify-panic handler gets triggered: [ 80.842193] memcpy: detected buffer overflow: 4 byte write of buffer size 0 [ 80.842243] WARNING: CPU: 4 PID: 272 at lib/string_helpers.c:1032 __fortify_report+0x45/0x50 ... [ 80.843175] __fortify_panic+0x9/0xb [ 80.843186] vsc_tp_xfer.cold+0x67/0x67 [mei_vsc_hw] [ 80.843210] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90 [ 80.843229] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.843250] mei_vsc_hw_start+0x98/0x120 [mei_vsc] [ 80.843270] mei_reset+0x11d/0x420 [mei] The easiest fix would be to just drop the counted-by but with the exception of the ack buffer in vsc_tp_xfer_helper() which only contains enough room for the packet-header, all other uses of vsc_tp_packet always use a buffer of VSC_TP_MAX_XFER_SIZE bytes for the packet. Instead of just dropping the counted-by, split the vsc_tp_packet struct definition into a header and a full-packet definition and use a fixed size buf[] in the packet definition, this way fortify-source buffer overrun checking still works when enabled.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37817 - Linux kernel Double Free in Chameleon Driver

CVE ID : CVE-2025-37817
Published : May 8, 2025, 7:15 a.m. | 2 hours, 40 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev' would be released in mcb_device_register() via put_device(). Thus, goto 'err' label and free 'mdev' again causes a double free. Just return if mcb_device_register() fails.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37811 - "Qualcomm Chipidea USB Driver Null Pointer Dereference"

CVE ID : CVE-2025-37811
Published : May 8, 2025, 7:15 a.m. | 1 hour, 12 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the pointer. Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37812 - Linux Kernel USB cdns3 NCM Gadget Deadlock

CVE ID : CVE-2025-37812
Published : May 8, 2025, 7:15 a.m. | 1 hour, 12 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 ("usb: cdnsp: Fix deadlock issue during using NCM gadget"). Under PREEMPT_RT the deadlock can be readily triggered by heavy network traffic, for example using "iperf --bidir" over NCM ethernet link. The deadlock occurs because the threaded interrupt handler gets preempted by a softirq, but both are protected by the same spinlock. Prevent deadlock by disabling softirq during threaded irq handler.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37813 - Etron USB XHCI Invalid Pointer Dereference Vulnerability

CVE ID : CVE-2025-37813
Published : May 8, 2025, 7:15 a.m. | 1 hour, 12 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of times this code is called. Then enqueue + 1 is an invalid pointer. It will crash the kernel right away or load some junk which may look like a link TRB and cause the real link TRB to be replaced with a NOOP. This wouldn't end well. Use a functionally equivalent test which doesn't dereference the pointer and always gives correct result. Something has crashed my machine twice in recent days while playing with an Etron HC, and a control transfer stress test ran for confirmation has just crashed it again. The same test passes with this patch applied.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2025-37814 - Linux Kernel TTY Mouse Reporting Vulnerability

CVE ID : CVE-2025-37814
Published : May 8, 2025, 7:15 a.m. | 1 hour, 12 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT This requirement was overeagerly loosened in commit 2f83e38a095f ("tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN"), but as it turns out, (1) the logic I implemented there was inconsistent (apologies!), (2) TIOCL_SELMOUSEREPORT might actually be a small security risk after all, and (3) TIOCL_SELMOUSEREPORT is only meant to be used by the mouse daemon (GPM or Consolation), which runs as CAP_SYS_ADMIN already. In more detail: 1. The previous patch has inconsistent logic: In commit 2f83e38a095f ("tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN"), we checked for sel_mode == TIOCL_SELMOUSEREPORT, but overlooked that the lower four bits of this "mode" parameter were actually used as an additional way to pass an argument. So the patch did actually still require CAP_SYS_ADMIN, if any of the mouse button bits are set, but did not require it if none of the mouse buttons bits are set. This logic is inconsistent and was not intentional. We should have the same policies for using TIOCL_SELMOUSEREPORT independent of the value of the "hidden" mouse button argument. I sent a separate documentation patch to the man page list with more details on TIOCL_SELMOUSEREPORT: https://lore.kernel.org/all/20250223091342.35523-2-gnoack3000@gmail.com/ 2. TIOCL_SELMOUSEREPORT is indeed a potential security risk which can let an attacker simulate "keyboard" input to command line applications on the same terminal, like TIOCSTI and some other TIOCLINUX "selection mode" IOCTLs. By enabling mouse reporting on a terminal and then injecting mouse reports through TIOCL_SELMOUSEREPORT, an attacker can simulate mouse movements on the same terminal, similar to the TIOCSTI keystroke injection attacks that were previously possible with TIOCSTI and other TIOCL_SETSEL selection modes. Many programs (including libreadline/bash) are then prone to misinterpret these mouse reports as normal keyboard input because they do not expect input in the X11 mouse protocol form. The attacker does not have complete control over the escape sequence, but they can at least control the values of two consecutive bytes in the binary mouse reporting escape sequence. I went into more detail on that in the discussion at https://lore.kernel.org/all/20250221.0a947528d8f3@gnoack.org/ It is not equally trivial to simulate arbitrary keystrokes as it was with TIOCSTI (commit 83efeeeb3d04 ("tty: Allow TIOCSTI to be disabled")), but the general mechanism is there, and together with the small number of existing legit use cases (see below), it would be better to revert back to requiring CAP_SYS_ADMIN for TIOCL_SELMOUSEREPORT, as it was already the case before commit 2f83e38a095f ("tty: Permit some TIOCL_SETSEL modes without CAP_SYS_ADMIN"). 3. TIOCL_SELMOUSEREPORT is only used by the mouse daemons (GPM or Consolation), and they are the only legit use case: To quote console_codes(4): The mouse tracking facility is intended to return xterm(1)-compatible mouse status reports. Because the console driver has no way to know the device or type of the mouse, these reports are returned in the console input stream only when the virtual terminal driver receives a mouse update ioctl. These ioctls must be generated by a mouse-aware user-mode application such as the gpm(8) daemon. Jared Finder has also confirmed in https://lore.kernel.org/all/491f3df9de6593df8e70dbe77614b026@finder.org/ that Emacs does not call TIOCL_SELMOUSEREPORT directly, and it would be difficult to find good reasons for doing that, given that it would interfere with the reports that GPM is sending. More information on the interaction between GPM, terminals and th ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 07:15:00 GMT

read more

CVE-2024-13793 - Walmart | WooCommerce Theme WordPress Shortcode Injection Vulnerability

CVE ID : CVE-2024-13793
Published : May 8, 2025, 5:15 a.m. | 40 minutes ago
Description : The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 05:15:00 GMT

read more

CVE-2025-32873 - Django Slow Denial-of-Service Vulnerability in HTML Tag Processing

CVE ID : CVE-2025-32873
Published : May 8, 2025, 4:17 a.m. | 1 hour, 39 minutes ago
Description : An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 04:17:00 GMT

read more

CVE-2024-55651 - i-Educar Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-55651
Published : May 8, 2025, 12:15 a.m. | 5 hours, 41 minutes ago
Description : i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input, leading to a stored cross-site scripting vulnerability that resides within the user type (Tipo de Usuário) input field. Through this attacker vector a malicious user might be able to retrieve information belonging to another user, which may lead to sensitive information leakage or other malicious actions. As of time of publication, no patched versions are known to exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 08 May 2025 00:15:00 GMT

read more

CVE-2025-0936 - Arista EOS gNMI Remote Credentials Disclosure

CVE ID : CVE-2025-0936
Published : May 7, 2025, 11:15 p.m. | 6 hours, 40 minutes ago
Description : On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc).
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 23:15:00 GMT

read more

CVE-2025-32441 - Rack Session Pool Session Hijacking Vulnerability

CVE ID : CVE-2025-32441
Published : May 7, 2025, 11:15 p.m. | 6 hours, 40 minutes ago
Description : Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. Rack session middleware prepares the session at the beginning of request, then saves is back to the store with possible changes applied by host rack application. This way the session becomes to be a subject of race conditions in general sense over concurrent rack requests. When using the `Rack::Session::Pool` middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. Version 2.2.14 contains a patch for the issue. Some other mitigations are available. Either ensure the application invalidates sessions atomically by marking them as logged out e.g., using a `logged_out` flag, instead of deleting them, and check this flag on every request to prevent reuse; or implement a custom session store that tracks session invalidation timestamps and refuses to accept session data if the session was invalidated after the request began.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 23:15:00 GMT

read more

CVE-2025-35939 - Craft CMS Unauthenticated Session File Injection Vulnerability

CVE ID : CVE-2025-35939
Published : May 7, 2025, 11:15 p.m. | 6 hours, 40 minutes ago
Description : Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided to the client in a `Set-Cookie` response header. Craft CMS stores the return URL requested by the client without sanitizing parameters. Consequently, an unauthenticated client can introduce arbitrary values, such as PHP code, to a known local file location on the server. Craft CMS versions 5.7.5 and 4.15.3 have been released to address this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 23:15:00 GMT

read more

CVE-2025-46727 - Rack Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-46727
Published : May 7, 2025, 11:15 p.m. | 6 hours, 40 minutes ago
Description : Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings and `application/x-www-form-urlencoded` bodies into Ruby data structures without imposing any limit on the number of parameters, allowing attackers to send requests with extremely large numbers of parameters. The vulnerability arises because `Rack::QueryParser` iterates over each `&`-separated key-value pair and adds it to a Hash without enforcing an upper bound on the total number of parameters. This allows an attacker to send a single request containing hundreds of thousands (or more) of parameters, which consumes excessive memory and CPU during parsing. An attacker can trigger denial of service by sending specifically crafted HTTP requests, which can cause memory exhaustion or pin CPU resources, stalling or crashing the Rack server. This results in full service disruption until the affected worker is restarted. Versions 2.2.14, 3.0.16, and 3.1.14 fix the issue. Some other mitigations are available. One may use middleware to enforce a maximum query string size or parameter count, or employ a reverse proxy (such as Nginx) to limit request sizes and reject oversized query strings or bodies. Limiting request body sizes and query string lengths at the web server or CDN level is an effective mitigation.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 23:15:00 GMT

read more

CVE-2023-7303 - Q2Apro Q2Apro-On-Site-Notifications Cross Site Scripting Vulnerability

CVE ID : CVE-2023-7303
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : A vulnerability, which was classified as problematic, was found in q2apro q2apro-on-site-notifications up to 1.4.6. This affects the function process_request of the file q2apro-onsitenotifications-page.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.8 is able to address this issue. The patch is named 0ca85ca02f8aceb661e9b71fd229c45d388ea5b5. It is recommended to upgrade the affected component.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2024-11953 - Apache Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2024-11953
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-31644 - F5 BIG-IP Command Injection Vulnerability

CVE ID : CVE-2025-31644
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-35995 - BIG-IP PEM Denial of Service Vulnerability

CVE ID : CVE-2025-35995
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-36504 - BIG-IP HTTP/2 httprouter Profile Memory Consumption Vulnerability

CVE ID : CVE-2025-36504
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-36525 - BIG-IP APM PingAccess Profile Request Termination Vulnerability

CVE ID : CVE-2025-36525
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-36546 - F5OS SSH Key-Based Authentication Privilege Escalation

CVE ID : CVE-2025-36546
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH private key.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-36557 - F5 Big-IP HTTP Enforce RFC Compliance Remote Denial of Service

CVE ID : CVE-2025-36557
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-41399 - F5 BIG-IP SCTP Profile Memory Exhaustion Vulnerability

CVE ID : CVE-2025-41399
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-41414 - F5 BIG-IP HTTP/2 Profile Denial of Service

CVE ID : CVE-2025-41414
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-41431 - BIG-IP Traffic Management Microkernel (TMM) Denial of Service

CVE ID : CVE-2025-41431
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-41433 - F5 BIG-IP SIP MRF ALG Profile Denial of Service Vulnerability

CVE ID : CVE-2025-41433
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-43878 - F5OS-C/A Appliance Mode Bypass Vulnerability

CVE ID : CVE-2025-43878
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-46265 - F5OS Improper Authorization Vulnerability

CVE ID : CVE-2025-46265
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authorized with higher privilege F5OS roles. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-46821 - Envoy URI Template Path Matching Bypass Vulnerability

CVE ID : CVE-2025-46821
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the `*` character from a set of valid characters in the URI path. As a result URI path containing the `*` character will not match a URI template expressions. This can result in bypass of RBAC rules when configured using the `uri_template` permissions. This vulnerability is fixed in Envoy versions v1.34.1, v1.33.3, v1.32.6, v1.31.8. As a workaround, configure additional RBAC permissions using `url_path` with `safe_regex` expression.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-46826 - INSA Rouen insa-auth Information Disclosure

CVE ID : CVE-2025-46826
Published : May 7, 2025, 10:15 p.m. | 7 hours, 41 minutes ago
Description : insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information (name and number). However, the issue posed minimal risk, was never exploited, and had limited impact. A fix was implemented promptly on May 3, 2025.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 22:15:00 GMT

read more

CVE-2025-3925 - BrightSign Players Privilege Escalation Vulnerability

CVE ID : CVE-2025-3925
Published : May 7, 2025, 9:16 p.m. | 8 hours, 40 minutes ago
Description : BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 contain an execution with unnecessary privileges vulnerability, allowing for privilege escalation on the device once code execution has been obtained.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 21:16:00 GMT

read more

CVE-2025-4043 - Apache Device Unprivileged File Write

CVE ID : CVE-2025-4043
Published : May 7, 2025, 9:16 p.m. | 8 hours, 40 minutes ago
Description : An admin user can gain unauthorized write access to the /etc/rc.local file on the device, which is executed on a system boot.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 21:16:00 GMT

read more

CVE-2025-31177 - Gnuplot Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-31177
Published : May 7, 2025, 9:16 p.m. | 7 hours, 37 minutes ago
Description : gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 21:16:00 GMT

read more

CVE-2025-45514 - Tenda FH451 Stack Overflow Vulnerability

CVE ID : CVE-2025-45514
Published : May 7, 2025, 7:16 p.m. | 8 hours, 40 minutes ago
Description : Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-45388 - Wagtail CMS Stored XSS

CVE ID : CVE-2025-45388
Published : May 7, 2025, 7:16 p.m. | 4 hours, 40 minutes ago
Description : Wagtail CMS 6.4.1 is vulnerable to a Stored Cross-Site Scripting (XSS) in the document upload functionality. Attackers can inject malicious code inside a PDF file. When a user clicks the document in the CMS interface, the payload executes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-29746 - Koillection Cross Site Scripting (XSS)

CVE ID : CVE-2025-29746
Published : May 7, 2025, 7:16 p.m. | 3 hours, 37 minutes ago
Description : Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-30147 - Hyperledger Besu EC Point Crafting Vulnerability

CVE ID : CVE-2025-30147
Published : May 7, 2025, 7:16 p.m. | 3 hours, 37 minutes ago
Description : Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128_ADD (0x06), ALTBN128_MUL (0x07), and ALTBN128_PAIRING (0x08). These precompiles were reimplemented in besu-native using gnark-crypto's bn254 implementation, as the former implementation used a library which was no longer maintained and not sufficiently performant. The new gnark implementation was initially added in version 0.9.0 of besu-native but was not utilized by Besu until version 0.9.2 in Besu 24.7.1. The issue is that there are EC points which may be crafted which are in the correct subgroup but are not on the curve and the besu-native gnark implementation was relying on subgroup checks to perform point-on-curve checks as well. The version of gnark-crypto used at the time did not do this check when performing subgroup checks. The result is that it was possible for Besu to give an incorrect result and fall out of consensus when executing one of these precompiles against a specially crafted input point. Additionally, homogenous Besu-only networks can potentially enshrine invalid state which would be incorrect and difficult to process with patched versions of besu which handle these calls correctly. The underlying defect has been patched in besu-native release 1.3.0. The fixed version of Besu is version 25.3.0. As a workaround for versions of Besu with the problem, the native precompile for altbn128 may be disabled in favor of the pure-java implementation. The pure java implementation is significantly slower, but does not have this consensus issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-3272 - OpenText Operations Bridge Manager Password Change Bypass

CVE ID : CVE-2025-3272
Published : May 7, 2025, 7:16 p.m. | 3 hours, 37 minutes ago
Description : Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.  The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-3476 - OpenText Operations Bridge Manager Authorization Bypass

CVE ID : CVE-2025-3476
Published : May 7, 2025, 7:16 p.m. | 3 hours, 37 minutes ago
Description : Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allows privilege escalation by authenticated users.This issue affects Operations Bridge Manager: 2023.05, 23.4, 24.2, 24.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-26168 - IXON VPN Client Local Privilege Escalation

CVE ID : CVE-2025-26168
Published : May 7, 2025, 7:16 p.m. | 3 hours, 12 minutes ago
Description : IXON VPN Client before 1.4.4 on Linux and macOS allows Local Privilege Escalation to root because there is code execution from a configuration file that can be controlled by a low-privileged user. There is a race condition in which a temporary configuration file, in a world-writable directory, can be overwritten.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-26169 - IXON VPN Client Local Privilege Escalation Remote Code Execution

CVE ID : CVE-2025-26169
Published : May 7, 2025, 7:16 p.m. | 3 hours, 12 minutes ago
Description : IXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code execution from a configuration file that can be controlled by a low-privileged user. There is a race condition in which a temporary configuration file, in a world-writable directory, can be overwritten.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 19:16:00 GMT

read more

CVE-2025-20202 - Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

CVE ID : CVE-2025-20202
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpected reload of the wireless controller that is managing the AP, resulting in a DoS condition that affects the wireless network.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20210 - "Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification"

CVE ID : CVE-2025-20210
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20213 - Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

CVE ID : CVE-2025-20213
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20214 - Cisco IOS XE NACM Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-20214
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have been denied by the NACM configuration. A successful exploit could allow the attacker to access data that should have been restricted according to the NACM configuration. Note: This vulnerability requires that the attacker obtain the credentials from a valid user with privileges lower than 15, and that NACM was configured to provide restricted read access for that user.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20216 - Cisco Catalyst SD-WAN Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-20216
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20221 - Cisco IOS XE SD-WAN Remote Packet Filtering Bypass Vulnerability

CVE ID : CVE-2025-20221
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20223 - Cisco Catalyst Center HTTP Request Access Control Bypass

CVE ID : CVE-2025-20223
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-32819 - SonicWall SMA SSLVPN File Deletion Vulnerability

CVE ID : CVE-2025-32819
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-32820 - SMA100 Path Traversal Privilege Escalation Vulnerability

CVE ID : CVE-2025-32820
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-32821 - SMA100 Command Injection Vulnerability

CVE ID : CVE-2025-32821
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-46824 - Discourse Code Review Plugin Cross-Site Scripting (XSS)

CVE ID : CVE-2025-46824
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit eed3a80 of the discourse-code-review plugin. As a workaround, one may disable the plugin.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-46828 - WeGIA Web Manager SQL Injection Vulnerability

CVE ID : CVE-2025-46828
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application's underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-47203 - Dropbear SSH Command Injection Vulnerability

CVE ID : CVE-2025-47203
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-47423 - Furbo Personal Weather Station File Disclosure Vulnerability

CVE ID : CVE-2025-47423
Published : May 7, 2025, 6:15 p.m. | 4 hours, 12 minutes ago
Description : Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/_test.php, as demonstrated by reading the server's private SSL key in cleartext.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20199 - "Cisco IOS XE CLI Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20199
Published : May 7, 2025, 6:15 p.m. | 2 hours, 37 minutes ago
Description : A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20200 - Cisco IOS XE Software CLI Privilege Escalation Vulnerability

CVE ID : CVE-2025-20200
Published : May 7, 2025, 6:15 p.m. | 2 hours, 37 minutes ago
Description : A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20201 - Cisco IOS XE Software CLI Privilege Escalation Vulnerability

CVE ID : CVE-2025-20201
Published : May 7, 2025, 6:15 p.m. | 2 hours, 37 minutes ago
Description : A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20191 - Cisco SISF DHCPv6 Denial of Service

CVE ID : CVE-2025-20191
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20192 - Cisco IOS XE Software IKEv1 Phase 2 Denial of Service Vulnerability

CVE ID : CVE-2025-20192
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploit this vulnerability by sending crafted IKEv1 messages to the affected device. A successful exploit could allow the attacker to cause the device to reload.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20193 - Cisco IOS XE Software Web-Based Management Interface File Disclosure Vulnerability

CVE ID : CVE-2025-20193
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read files from the underlying operating system.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20194 - Cisco IOS XE Software Web-Based Management Interface Authentication Bypass and File Disclosure Vulnerability

CVE ID : CVE-2025-20194
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read limited files from the underlying operating system or clear the syslog and licensing logs on the affected device.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20195 - Cisco IOS XE CSRF Remote Command Execution Vulnerability

CVE ID : CVE-2025-20195
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to clear the syslog, parser, and licensing logs on the affected device if the targeted user has privileges to clear those logs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20196 - Cisco IOx HTTP Request Handling Denial of Service

CVE ID : CVE-2025-20196
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20197 - Cisco IOS XE Software CLI Command Injection Privilege Escalation

CVE ID : CVE-2025-20197
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-20198 - Cisco IOS XE Software CLI Privilege Escalation Vulnerability

CVE ID : CVE-2025-20198
Published : May 7, 2025, 6:15 p.m. | 37 minutes ago
Description : A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 18:15:00 GMT

read more

CVE-2025-46551 - JRuby-OpenSSL SSL Hostname Verification Bypass

CVE ID : CVE-2025-46551
Published : May 7, 2025, 5:15 p.m. | 39 minutes ago
Description : JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to 10.0.0.1), when verifying SSL certificates, JRuby-OpenSSL does not verify that the hostname presented in the certificate matches the one the user tries to connect to. This means a man-in-the-middle could just present any valid cert for a completely different domain they own, and JRuby would accept the cert. Anybody using JRuby to make requests of external APIs, or scraping the web, that depends on https to connect securely. JRuby-OpenSSL version 0.15.4 contains a fix for the issue. This fix is included in JRuby versions 10.0.0.1 and 9.4.12.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 17:15:00 GMT

read more

CVE-2024-47619 - Syslog-ng TLS Wildcard Certificate Matching Vulnerability

CVE ID : CVE-2024-47619
Published : May 7, 2025, 4:15 p.m. | 1 hour, 40 minutes ago
Description : syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 16:15:00 GMT

read more

CVE-2025-46827 - Graylog HTML Form Cookie Disclosure

CVE ID : CVE-2025-46827
Published : May 7, 2025, 4:15 p.m. | 1 hour, 40 minutes ago
Description : Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with permissions to create event definitions, while the user must have permissions to view alerts. Additionally, an active Input must be present on the Graylog server that is capable of receiving form data (e.g. a HTTP input, TCP raw or syslog etc). Versions 6.0.14, 6.1.10, and 6.2.0 fix the issue. No known workarounds are available, as long as the relatively rare prerequisites are met.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 16:15:00 GMT

read more

CVE-2025-47657 - Productive Minds Productive Commerce SQL Injection

CVE ID : CVE-2025-47657
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Productive Minds Productive Commerce allows SQL Injection. This issue affects Productive Commerce: from n/a through 1.1.22.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47659 - WPBakery Visual Composer WHMCS Elements Cross-site Scripting (XSS)

CVE ID : CVE-2025-47659
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements allows Stored XSS. This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through 1.0.4.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47661 - Codemstory WordPress SimplePay CSRF Vulnerability

CVE ID : CVE-2025-47661
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 allows Cross Site Request Forgery. This issue affects 워드프레스 결제 심플페이: from n/a through 5.2.11.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47662 - Woobox Stored Cross-site Scripting (XSS)

CVE ID : CVE-2025-47662
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows Stored XSS. This issue affects Woobox: from n/a through 1.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47664 - ThimPress WP Pipes SSRF

CVE ID : CVE-2025-47664
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in ThimPress WP Pipes allows Server Side Request Forgery. This issue affects WP Pipes: from n/a through 1.4.2.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47665 - Bistromatic N360 Splash Screen Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-47665
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen allows Stored XSS. This issue affects N360 | Splash Screen: from n/a through 1.0.6.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47667 - LiveAgent CSRF

CVE ID : CVE-2025-47667
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent allows Cross Site Request Forgery. This issue affects LiveAgent: from n/a through 4.4.7.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47668 - CookieCode Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-47668
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode allows Stored XSS. This issue affects CookieCode: from n/a through 2.4.4.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47669 - Sabuj Kundu CBX Map for Google Map OpenStreetMap Cross-site Scripting

CVE ID : CVE-2025-47669
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap allows DOM-Based XSS. This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.12.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47674 - Credova Financial CSRF

CVE ID : CVE-2025-47674
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Credova Financial Credova_Financial allows Cross Site Request Forgery. This issue affects Credova_Financial: from n/a through 2.5.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47675 - Woobox Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47675
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox allows DOM-Based XSS. This issue affects Woobox: from n/a through 1.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47676 - Faiyaz Alam User Login History Stored Cross-site Scripting

CVE ID : CVE-2025-47676
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History allows Stored XSS. This issue affects User Login History: from n/a through 2.1.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47677 - GT3themes Photo Gallery Stored Cross-site Scripting

CVE ID : CVE-2025-47677
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gt3themes Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Stored XSS. This issue affects Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery: from n/a through 2.7.7.25.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47679 - RS WP Book Showcase Cross-site Scripting (XSS)

CVE ID : CVE-2025-47679
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RS WP THEMES RS WP Book Showcase allows DOM-Based XSS. This issue affects RS WP Book Showcase: from n/a through 6.7.40.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47681 - Ability, Inc Web Accessibility with Max Access CSRF

CVE ID : CVE-2025-47681
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Ability, Inc Web Accessibility with Max Access allows Cross Site Request Forgery. This issue affects Web Accessibility with Max Access: from n/a through 2.0.9.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47683 - Florent Maillefaud WP Maintenance Object Injection Vulnerability

CVE ID : CVE-2025-47683
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Deserialization of Untrusted Data vulnerability in Florent Maillefaud WP Maintenance allows Object Injection. This issue affects WP Maintenance: from n/a through 6.1.9.7.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47684 - Smaily for WP CSRF Vulnerability

CVE ID : CVE-2025-47684
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Smaily Smaily for WP allows Cross Site Request Forgery. This issue affects Smaily for WP: from n/a through 3.1.6.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47685 - Moloni Contribuinte Checkout CSRF Stored XSS

CVE ID : CVE-2025-47685
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout allows Stored XSS. This issue affects Contribuinte Checkout: from n/a through 2.0.02.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47686 - DELUCKS SEO Cross-site Scripting

CVE ID : CVE-2025-47686
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO allows Stored XSS. This issue affects DELUCKS SEO: from n/a through 2.5.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47688 - Saad Iqbal Advanced File Manager Missing Authorization Vulnerability

CVE ID : CVE-2025-47688
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47691 - Ultimate Member Code Injection

CVE ID : CVE-2025-47691
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Ultimate Member Ultimate Member allows Code Injection. This issue affects Ultimate Member: from n/a through 2.10.3.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47692 - ContentStudio Missing Authorization Vulnerability

CVE ID : CVE-2025-47692
Published : May 7, 2025, 3:16 p.m. | 2 hours, 39 minutes ago
Description : Missing Authorization vulnerability in contentstudio ContentStudio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ContentStudio: from n/a through 1.3.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47656 - Spiraclethemes Site Library Cross-site Scripting (XSS)

CVE ID : CVE-2025-47656
Published : May 7, 2025, 3:16 p.m. | 1 hour, 37 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spiraclethemes Spiraclethemes Site Library allows Stored XSS. This issue affects Spiraclethemes Site Library: from n/a through 1.4.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47653 - WP-Recall PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-47653
Published : May 7, 2025, 3:16 p.m. | 1 hour, 11 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2025-47655 - themarketer2023 CSRF Stored XSS Vulnerability

CVE ID : CVE-2025-47655
Published : May 7, 2025, 3:16 p.m. | 1 hour, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in themarketer2023 theMarketer allows Stored XSS. This issue affects theMarketer: from n/a through 1.4.7.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 15:16:00 GMT

read more

CVE-2020-36791 - Linux Kernel net_sched Out-of-Bounds Access Vulnerability

CVE ID : CVE-2020-36791
Published : May 7, 2025, 2:15 p.m. | 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net_sched: keep alloc_hash updated after hash allocation In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched. This difference could lead to another out of bound access. cp->alloc_hash should always be the size allocated, we should update it after this tcindex_alloc_perfect_hash().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 14:15:00 GMT

read more

CVE-2025-29152 - Lemeconsultoria HCM Galera App Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-29152
Published : May 7, 2025, 2:15 p.m. | 37 minutes ago
Description : Cross-Site Scripting vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via multiple components, including Strategic Planning Perspective Registration, Training Request, Perspective Editing, Education Registration, Hierarchical Level Registration, Decision Level Registration, Perspective Registration, Company Group Registration, Company Registration, News Registration, Employee Editing, Goal Team Registration, Learning Resource Type Registration, Learning Resource Family Registration, Learning Resource Supplier Registration, and Cycle Maintenance.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 14:15:00 GMT

read more

CVE-2025-29153 - Lemeconsultoria HCM Galera.app SQL Injection

CVE ID : CVE-2025-29153
Published : May 7, 2025, 2:15 p.m. | 37 minutes ago
Description : SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 14:15:00 GMT

read more

CVE-2025-29154 - Lemeconsultoria HCM HTML Injection Vulnerability

CVE ID : CVE-2025-29154
Published : May 7, 2025, 2:15 p.m. | 37 minutes ago
Description : HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacao_treinamento/, .galera.app/rh/metas/perspectiva_estrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/, .galera.app/escolaridade/listagem/, .galera.app/estados_civis/cadastro/, .galera.app/nivel_hierarquico/listagem/, .galera.app/nivel_decisorio/cadastro/, .galera.app/escolaridade/cadastro/, .galera.app/nivel_decisorio/listagem/, .galera.app/rh/cadastros/perspectivas/listagem/, .galera.app/empresas_grupo/cadastro/, .galera.app/empresas/edicao/, .galera.app/liais/listagem/, .galera.app/noticias/listagem/, .galera.app/gerenciamento-de-ciclo/abertura/cadastrar, .galera.app/colaborador/cadastro/cursos/adc/edicao/, .galera.app/colaborador/cadastro/adc/, .galera.app/cads_aux/escalact/, .galera.app/ncf/tec/cadastro/ct/ .galera.app/rh/metas/painel/, .galera.app/rh/metas/equipe/edicao/, .galera.app/rh/pdi/tipo_recursos/edicao/, .galera.app/rh/pdi/familia_recursos/cadastro/, .galera.app/rh/pdi/fornecedores/edicao/, and .galera.app/rh/pdi/recursos/cadastro/ components.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 14:15:00 GMT

read more

CVE-2025-29602 - Flatpress Cross Site Scripting (XSS) in Administration Area

CVE ID : CVE-2025-29602
Published : May 7, 2025, 2:15 p.m. | 37 minutes ago
Description : flatpress 1.3.1 is vulnerable to Cross Site Scripting (XSS) in Administration area via Manage categories.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 14:15:00 GMT

read more

CVE-2025-33093 - IBM Sterling Partner Engagement Manager Exposed JWT Secret Vulnerability

CVE ID : CVE-2025-33093
Published : May 7, 2025, 11:15 a.m. | 3 hours, 37 minutes ago
Description : IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 11:15:00 GMT

read more

CVE-2025-4104 - WordPress Frontend Dashboard Privilege Escalation

CVE ID : CVE-2025-4104
Published : May 7, 2025, 10:15 a.m. | 4 hours, 38 minutes ago
Description : The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate their privileges to that of an administrator.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 10:15:00 GMT

read more

CVE-2025-20965 - Samsung Bixby Unauthenticated Data Access Vulnerability

CVE ID : CVE-2025-20965
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local attackers to access sensitive data.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20966 - Samsung Gallery Access Control Vulnerability

CVE ID : CVE-2025-20966
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20967 - Samsung Gallery File Access Vulnerability (Privilege Escalation)

CVE ID : CVE-2025-20967
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20968 - Samsung Gallery Unauthenticated Remote Code Execution

CVE ID : CVE-2025-20968
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20969 - Samsung Gallery Input Validation Vulnerability

CVE ID : CVE-2025-20969
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20970 - Bixby Vision Privilege Escalation Vulnerability

CVE ID : CVE-2025-20970
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper access control in Bixby Vision prior to version 3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15 allows local attackers to access image files with Bixby Vision privilege.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20971 - Samsung Flow Input Validation Vulnerability

CVE ID : CVE-2025-20971
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20972 - Samsung Flow Intent Verification Vulnerability (Information Exposure)

CVE ID : CVE-2025-20972
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20973 - Android Secure Folder Authentication Bypass

CVE ID : CVE-2025-20973
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper authentication in Secure Folder prior to version 1.8.12.0 in Android 13, and 1.9.21.00 in Android 14 allows physical attackers to reset the lock type of Secure Folder.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20974 - Android PackageInstallerCN Permission Bypass

CVE ID : CVE-2025-20974
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper handling of insufficient permission in PackageInstallerCN prior to version 15.0.11.0 allows local attacker to bypass user interaction for requested installation.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20975 - AODService Android Activity Hijacking Vulnerability

CVE ID : CVE-2025-20975
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20976 - Samsung Notes Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-20976
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20977 - Samsung Notes Implicit Intent Information Leak Vulnerability

CVE ID : CVE-2025-20977
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20978 - PENUP Privilege Escalation Vulnerability

CVE ID : CVE-2025-20978
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper access control in PENUP prior to version 3.9.19.32 allows local attackers to access files with PENUP privilege.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20979 - Android libsavscmn Out-of-Bounds Write Arbitrary Code Execution

CVE ID : CVE-2025-20979
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20980 - Android libsavscmn Out-of-Bounds Write

CVE ID : CVE-2025-20980
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to cause memory corruption.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-27533 - Apache ActiveMQ Memory Allocation with Excessive Size Value Denial of Service

CVE ID : CVE-2025-27533
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections. This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected. Users are recommended to upgrade to version 6.1.6+, 5.19.0+, 5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue. Existing users may implement mutual TLS to mitigate the risk on affected brokers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-39361 - WProyal Royal Elementor Addons Cross-site Scripting (XSS)

CVE ID : CVE-2025-39361
Published : May 7, 2025, 9:15 a.m. | 5 hours, 38 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1017.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20960 - CocktailBarService Privilege Escalation Vulnerability

CVE ID : CVE-2025-20960
Published : May 7, 2025, 9:15 a.m. | 4 hours, 40 minutes ago
Description : Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20961 - Sepunion Service Privilege Escalation Vulnerability

CVE ID : CVE-2025-20961
Published : May 7, 2025, 9:15 a.m. | 4 hours, 40 minutes ago
Description : Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20962 - Samsung S Pen Gesture Service Position Tracking Vulnerability

CVE ID : CVE-2025-20962
Published : May 7, 2025, 9:15 a.m. | 4 hours, 40 minutes ago
Description : Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20963 - Symantec Antivirus Buffer Overflow

CVE ID : CVE-2025-20963
Published : May 7, 2025, 9:15 a.m. | 4 hours, 40 minutes ago
Description : Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20964 - Apache Libsavsrv Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-20964
Published : May 7, 2025, 9:15 a.m. | 4 hours, 40 minutes ago
Description : Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20958 - UnifiedWFC Wireless Fingerprinting Information Disclosure

CVE ID : CVE-2025-20958
Published : May 7, 2025, 9:15 a.m. | 39 minutes ago
Description : Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-20959 - Samsung Wi-Fi P2P Sensitive Information Disclosure

CVE ID : CVE-2025-20959
Published : May 7, 2025, 9:15 a.m. | 39 minutes ago
Description : Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 09:15:00 GMT

read more

CVE-2025-3766 - WordPress Login Lockdown Protection Unauthorized Nonce Access Vulnerability

CVE ID : CVE-2025-3766
Published : May 7, 2025, 5:15 a.m. | 1 hour, 11 minutes ago
Description : The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajax_run_tool function in all versions up to, and including, 2.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain a valid nonce that can be used to generate a global unlock key, which can in turn be used to add arbitrary IP address to the plugin allowlist. This can only by exploited on new installations where the site administrator hasn't visited the loginlockdown page yet.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 05:15:00 GMT

read more

CVE-2025-2821 - WordPress Search Exclude Plugin Unauthenticated Data Modification

CVE ID : CVE-2025-2821
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_rest_permission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding content from search results.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3844 - PeproDev Ultimate Profile Solutions WordPress Authentication Bypass

CVE ID : CVE-2025-3844
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handel_ajax_req() function not having proper restrictions on the change_user_meta functionality that makes it possible to set a OTP code and subsequently log in with that OTP code. This makes it possible for unauthenticated attackers to login as other users on the site, including administrators.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3851 - WordPress SmartPay Insecure Direct Object Reference Vulnerability

CVE ID : CVE-2025-3851
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 1.1.0 to 2.7.13 via the show() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's data like email address, name, and notes.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3852 - Wordpress WPshop E-Commerce Privilege Escalation Vulnerability

CVE ID : CVE-2025-3852
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.0 to 2.6.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email & password through the update() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3853 - WordPress WPshop E-Commerce Plugin Insecure Direct Object Reference Vulnerability

CVE ID : CVE-2025-3853
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callback_generate_api_key() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create valid API keys on behalf of other users.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3860 - CarDealerPress for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3860
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The CarDealerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘saleclass' parameter in all versions up to, and including, 6.7.2504.00 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3921 - PeproDev Ultimate Profile Solutions WordPress Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2025-3921
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handel_ajax_req() function in versions 1.9.1 to 7.5.2. This makes it possible for unauthenticated attackers to update arbitrary user's metadata which can be leveraged to block an administrator from accessing their site when wp_capabilities is set to 0.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3924 - PeproDev Ultimate Profile Solutions WordPress Unauthenticated Email Disclosure

CVE ID : CVE-2025-3924
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint. The plugin looks up the 'valid_email' value based solely on a supplied username parameter, without verifying that the requester is associated with that user account. This allows unauthenticated attackers to enumerate email addresses for any user, including administrators.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-4054 - Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4054
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the highlights functionality in all versions up to, and including, 4.24.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page via the search results.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-4055 - WordPress Multiple Post Type Order Stored Cross-Site Scripting

CVE ID : CVE-2025-4055
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Multiple Post Type Order plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mpto' shortcode in all versions up to, and including, 1.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-4220 - Xavin's List Subpages WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4220
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Xavin's List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xls' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-4335 - "WordPress Woocommerce Multiple Addresses Privilege Escalation Vulnerability"

CVE ID : CVE-2025-4335
Published : May 7, 2025, 3:15 a.m. | 3 hours, 12 minutes ago
Description : The Woocommerce Multiple Addresses plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.7.1. This is due to insufficient restrictions on user meta that can be updated through the save_multiple_shipping_addresses() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 03:15:00 GMT

read more

CVE-2025-3218 - IBM i Netserver Authentication Bypass

CVE ID : CVE-2025-3218
Published : May 7, 2025, 2:15 a.m. | 4 hours, 12 minutes ago
Description : IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access the server.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 07 May 2025 02:15:00 GMT

read more

CVE-2025-0855 - WordPress PGS Core Plugin PHP Object Injection Vulnerability

CVE ID : CVE-2025-0855
Published : May 6, 2025, 11:15 p.m. | 7 hours, 11 minutes ago
Description : The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.8.0 via deserialization of untrusted input in the 'import_header' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 23:15:00 GMT

read more

CVE-2025-0856 - WordPress PGS Core Plugin Unauthenticated Remote Data Manipulation

CVE ID : CVE-2025-0856
Published : May 6, 2025, 11:15 p.m. | 7 hours, 11 minutes ago
Description : The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.8.0. This makes it possible for unauthenticated attackers to add, modify, or plugin options.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 23:15:00 GMT

read more

CVE-2025-0853 - WordPress PGS Core Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-0853
Published : May 6, 2025, 10:15 p.m. | 8 hours, 12 minutes ago
Description : The PGS Core plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'save_header_builder' function in all versions up to, and including, 5.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 22:15:00 GMT

read more

CVE-2025-47420 - Crestron Automate VX Privilege Escalation Vulnerability

CVE ID : CVE-2025-47420
Published : May 6, 2025, 10:15 p.m. | 8 hours, 12 minutes ago
Description : 266 vulnerability in Crestron Automate VX allows Privilege Escalation.This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 22:15:00 GMT

read more

CVE-2025-4372 - Google Chrome WebAudio Use After Free Vulnerability

CVE ID : CVE-2025-4372
Published : May 6, 2025, 10:15 p.m. | 8 hours, 12 minutes ago
Description : Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 22:15:00 GMT

read more

CVE-2025-44073 - SeaCMS SQL Injection Vulnerability

CVE ID : CVE-2025-44073
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-44899 - Tenda RX3 Stack Overflow Vulnerability in WifiGuestSet

CVE ID : CVE-2025-44899
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-46572 - Auth0 Passport-wsfed-saml2 SAML Authentication Bypass

CVE ID : CVE-2025-46572
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user in the Auth0 tenant during SAML authentication by crafting a SAMLResponse. This can be done by using a valid SAML object that was signed by the configured IdP. Users are affected specifically when the service provider is using passport-wsfed-saml2 and a valid SAML document signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-46573 - OpenSAMLPassport-WSFed Impersonation Vulnerability

CVE ID : CVE-2025-46573
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done by adding attributes to the response. Users are affected specifically when the service provider is using `passport-wsfed-saml2` and a valid SAML Response signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-47418 - Crestron Automate VX Sensitive Information Exposure

CVE ID : CVE-2025-47418
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. There is no visible indication when the system is recording and recording can be enabled remotely via a network API. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-47419 - Crestron Automate VX Insecure Communication Vulnerability

CVE ID : CVE-2025-47419
Published : May 6, 2025, 9:16 p.m. | 9 hours, 11 minutes ago
Description : Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic. The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2025-0649 - Google Tensorflow Serving JSON Deserialization Remote Crash

CVE ID : CVE-2025-0649
Published : May 6, 2025, 9:16 p.m. | 7 hours, 36 minutes ago
Description : Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 21:16:00 GMT

read more

CVE-2024-12225 - Quarkus WebAuthn Default Endpoints Information Disclosure and Authentication Bypass

CVE ID : CVE-2024-12225
Published : May 6, 2025, 8:15 p.m. | 6 hours, 12 minutes ago
Description : A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default endpoints remain accessible, potentially allowing attackers to obtain a login cookie that has no corresponding user in the Quarkus application or, depending on how the application is written, could correspond to an existing user that has no relation with the current attacker, allowing anyone to log in as an existing user by just knowing that user's user name.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 20:15:00 GMT

read more

CVE-2025-47256 - Libxmp Buffer Overflow Vulnerability

CVE ID : CVE-2025-47256
Published : May 6, 2025, 8:15 p.m. | 6 hours, 12 minutes ago
Description : Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 20:15:00 GMT

read more

CVE-2025-47417 - Crestron Automate VX Sensitive Information Exposure

CVE ID : CVE-2025-47417
Published : May 6, 2025, 8:15 p.m. | 6 hours, 12 minutes ago
Description : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. When Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible indication that this is being done. This issue affects Automate VX: from 5.6.8161.21536 through 6.4.0.49.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 20:15:00 GMT

read more

CVE-2025-46816 - "goshs Command Injection Vulnerability"

CVE ID : CVE-2025-46816
Published : May 6, 2025, 7:16 p.m. | 7 hours, 11 minutes ago
Description : goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function `dispatchReadPump` does not checks the option cli `-c`, thus allowing anyone to execute arbitrary command through the use of websockets. Version 1.0.5 fixes the issue.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 19:16:00 GMT

read more

CVE-2025-46820 - GitHub phpgt/Dom GitHub Token Disclosure

CVE ID : CVE-2025-46820
Published : May 6, 2025, 7:16 p.m. | 7 hours, 11 minutes ago
Description : phpgt/Dom provides access to modern DOM APIs. Versions of phpgt/Dom prior to 4.1.8 expose the GITHUB_TOKEN in the Dom workflow run artifact. The ci.yml workflow file uses actions/upload-artifact@v4 to upload the build artifact. This artifact is a zip of the current directory, which includes the automatically generated .git/config file containing the run's GITHUB_TOKEN. Seeing as the artifact can be downloaded prior to the end of the workflow, there is a few seconds where an attacker can extract the token from the artifact and use it with the GitHub API to push malicious code or rewrite release commits in your repository. Any downstream user of the repository may be affected, but the token should only be valid for the duration of the workflow run, limiting the time during which exploitation could occur. Version 4.1.8 fixes the issue.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 19:16:00 GMT

read more

CVE-2025-25014 - Kibana Prototype Pollution Remote Code Execution

CVE ID : CVE-2025-25014
Published : May 6, 2025, 6:15 p.m. | 8 hours, 12 minutes ago
Description : A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 18:15:00 GMT

read more

CVE-2025-37730 - Logstash SSL Verification MitM Vulnerability

CVE ID : CVE-2025-37730
Published : May 6, 2025, 6:15 p.m. | 8 hours, 12 minutes ago
Description : Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 18:15:00 GMT

read more

CVE-2025-44900 - Tenda RX3 Buffer Overflow

CVE ID : CVE-2025-44900
Published : May 6, 2025, 6:15 p.m. | 8 hours, 12 minutes ago
Description : In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 18:15:00 GMT

read more

CVE-2025-46815 - ZITADEL IdP Intent Session Token Abuse

CVE ID : CVE-2025-46815
Published : May 6, 2025, 6:15 p.m. | 8 hours, 12 minutes ago
Description : The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id and token can then be used to authenticate the user or their session. However, prior to versions 3.0.0, 2.71.9, and 2.70.10, it was possible to exploit this feature by repeatedly using intents. This allowed an attacker with access to the application’s URI to retrieve the id and token, enabling them to authenticate on behalf of the user. It's important to note that the use of additional factors (MFA) prevents a complete authentication process and, consequently, access to the ZITADEL API. Versions 3.0.0, 2.71.9, and 2.70.10 contain a fix for the issue. No known workarounds other than upgrading are available.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 18:15:00 GMT

read more

CVE-2025-4388 - Liferay Portal/DXP Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-4388
Published : May 6, 2025, 6:15 p.m. | 8 hours, 12 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the modules/apps/marketplace/marketplace-app-manager-web.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 18:15:00 GMT

read more

CVE-2025-46735 - Terraform WinDNS Provider Authenticated Command Injection

CVE ID : CVE-2025-46735
Published : May 6, 2025, 5:16 p.m. | 9 hours, 11 minutes ago
Description : Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version `1.0.5`. The `windns_record` resource did not sanitize the input variables. This could lead to authenticated command injection in the underlyding powershell command prompt. Version 1.0.5 contains a fix for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2025-46736 - Umbraco Account Existence Disclosure

CVE ID : CVE-2025-46736
Published : May 6, 2025, 5:16 p.m. | 9 hours, 11 minutes ago
Description : Umbraco is a free and open source .NET content management system. Prior to versions 10.8.10 and 13.8.1, based on an analysis of the timing of post login API responses, it's possible to determine whether an account exists. The issue is patched in versions 10.8.10 and 13.8.1. No known workarounds are available.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2025-4041 - Optigo Networks ONS NC600 Command Injection Vulnerability

CVE ID : CVE-2025-4041
Published : May 6, 2025, 5:16 p.m. | 9 hours, 11 minutes ago
Description : In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2025-30165 - vLLM ZeroMQ Remote Code Execution Vulnerability

CVE ID : CVE-2025-30165
Published : May 6, 2025, 5:16 p.m. | 3 hours, 11 minutes ago
Description : vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a `SUB` ZeroMQ socket and connect to an `XPUB` socket on the primary vLLM host. When data is received on this `SUB` socket, it is deserialized with `pickle`. This is unsafe, as it can be abused to execute code on a remote machine. Since the vulnerability exists in a client that connects to the primary vLLM host, this vulnerability serves as an escalation point. If the primary vLLM host is compromised, this vulnerability could be used to compromise the rest of the hosts in the vLLM deployment. Attackers could also use other means to exploit the vulnerability without requiring access to the primary vLLM host. One example would be the use of ARP cache poisoning to redirect traffic to a malicious endpoint used to deliver a payload with arbitrary code to execute on the target machine. Note that this issue only affects the V0 engine, which has been off by default since v0.8.0. Further, the issue only applies to a deployment using tensor parallelism across multiple hosts, which we do not expect to be a common deployment pattern. Since V0 is has been off by default since v0.8.0 and the fix is fairly invasive, the maintainers of vLLM have decided not to fix this issue. Instead, the maintainers recommend that users ensure their environment is on a secure network in case this pattern is in use. The V1 engine is not affected by this issue.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2025-32022 - Finit Urandom Heap Buffer Overwrite Vulnerability

CVE ID : CVE-2025-32022
Published : May 6, 2025, 5:16 p.m. | 3 hours, 11 minutes ago
Description : Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects everyone using Finit 4.2 or later that do not explicitly disable the plugin at build time. This bug is fixed in Finit 4.12. Those who cannot upgrade or backport the fix to urandom.c are strongly recommended to disable the plugin in the call to the `configure` script.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2025-45250 - MrDoc SSRF Vulnerability

CVE ID : CVE-2025-45250
Published : May 6, 2025, 5:16 p.m. | 3 hours, 11 minutes ago
Description : MrDoc v0.95 and before is vulnerable to Server-Side Request Forgery (SSRF) in the validate_url function of the app_doc/utils.py file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:16:00 GMT

read more

CVE-2023-33770 - "RealtyX SQL Injection"

CVE ID : CVE-2023-33770
Published : May 6, 2025, 5:15 p.m. | 3 hours, 11 minutes ago
Description : Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:15:00 GMT

read more

CVE-2025-22476 - Dell Storage Center Dell Storage Manager Command Injection

CVE ID : CVE-2025-22476
Published : May 6, 2025, 5:15 p.m. | 3 hours, 11 minutes ago
Description : Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Remote execution.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:15:00 GMT

read more

CVE-2025-26262 - R-fx Networks Linux Malware Detect Arbitrary Code Execution and Privilege Escalation

CVE ID : CVE-2025-26262
Published : May 6, 2025, 5:15 p.m. | 3 hours, 11 minutes ago
Description : An issue in the component /internals/functions of R-fx Networks Linux Malware Detect v1.6.5 allows attackers to escalate privileges and execute arbitrary code via supplying a file that contains a crafted filename.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 17:15:00 GMT

read more

2024, une année marquée par un nombre record de violations de données personnelles

Free, France Travail, Viamedis et Almerys, Boulanger, Cultura… L’année 2024 aura été incontestablement marquée par un nombre record de violations de données personnelles, dont certaines très massives, concernant des dizaines de millions de Français.

Tue, 06 May 2025 16:53:00 GMT

read more

CVE-2025-45487 - Linksys E5600 Command Injection Vulnerability

CVE ID : CVE-2025-45487
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-45488 - Linksys E5600 Command Injection Vulnerability

CVE ID : CVE-2025-45488
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-45489 - Linksys E5600 Command Injection Vulnerability

CVE ID : CVE-2025-45489
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-45490 - Linksys E5600 Command Injection Vulnerability

CVE ID : CVE-2025-45490
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-45491 - Linksys E5600 Command Injection Vulnerability

CVE ID : CVE-2025-45491
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-45492 - Netgear EX8000 Command Injection Vulnerability

CVE ID : CVE-2025-45492
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-4363 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4363
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=end_membership. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-4368 - Tenda AC8 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4368
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-4384 - PcVue MQTT Certificate Validation Bypass

CVE ID : CVE-2025-4384
Published : May 6, 2025, 4:15 p.m. | 4 hours, 12 minutes ago
Description : The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices to present certificates that are not rejected properly. The use of a client certificate reduces the risk for random devices to take advantage of this flaw.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-22477 - Dell Storage Center Dell Storage Manager Authentication Bypass

CVE ID : CVE-2025-22477
Published : May 6, 2025, 4:15 p.m. | 2 hours, 12 minutes ago
Description : Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-22478 - Dell Storage Center - Dell Storage Manager XML External Entity Reference Vulnerability

CVE ID : CVE-2025-22478
Published : May 6, 2025, 4:15 p.m. | 2 hours, 12 minutes ago
Description : Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-22479 - Dell Storage Center - Dell Storage Manager Path Traversal Vulnerability

CVE ID : CVE-2025-22479
Published : May 6, 2025, 4:15 p.m. | 2 hours, 12 minutes ago
Description : Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-23379 - Dell Storage Center - Dell Storage Manager Cross-site Scripting

CVE ID : CVE-2025-23379
Published : May 6, 2025, 4:15 p.m. | 2 hours, 12 minutes ago
Description : Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 16:15:00 GMT

read more

CVE-2025-4362 - iSourcecode Gym Management System SQL Injection

CVE ID : CVE-2025-4362
Published : May 6, 2025, 3:16 p.m. | 3 hours, 11 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_membership. The manipulation of the argument member_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-4373 - GLib Integer Overflow Buffer Underwrite

CVE ID : CVE-2025-4373
Published : May 6, 2025, 3:16 p.m. | 3 hours, 11 minutes ago
Description : A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-4374 - Quay Unauthorized Privilege Escalation Vulnerability

CVE ID : CVE-2025-4374
Published : May 6, 2025, 3:16 p.m. | 3 hours, 11 minutes ago
Description : A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-2898 - IBM Maximo Application Suite Privilege Escalation Vulnerability

CVE ID : CVE-2025-2898
Published : May 6, 2025, 3:16 p.m. | 35 minutes ago
Description : IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-46814 - FastAPI Guard HTTP Header Injection Vulnerability

CVE ID : CVE-2025-46814
Published : May 6, 2025, 3:16 p.m. | 35 minutes ago
Description : FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix.
Severity: 3.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-4360 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4360
Published : May 6, 2025, 3:16 p.m. | 35 minutes ago
Description : A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-4361 - PHPGurukul Company Visitor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4361
Published : May 6, 2025, 3:16 p.m. | 35 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. This affects an unknown part of the file /department.php. The manipulation of the argument departmentname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 15:16:00 GMT

read more

CVE-2025-4356 - Tenda DAP-1520 Stack-Based Buffer Overflow in Authentication Handler

CVE ID : CVE-2025-4356
Published : May 6, 2025, 2:15 p.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 14:15:00 GMT

read more

CVE-2025-4357 - Tenda RX3 Command Injection Vulnerability

CVE ID : CVE-2025-4357
Published : May 6, 2025, 2:15 p.m. | 1 hour, 36 minutes ago
Description : A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 14:15:00 GMT

read more

CVE-2025-4358 - PHPGurukul Company Visitor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4358
Published : May 6, 2025, 2:15 p.m. | 1 hour, 36 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 14:15:00 GMT

read more

CVE-2025-4359 - iSourcecode Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4359
Published : May 6, 2025, 2:15 p.m. | 1 hour, 36 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 14:15:00 GMT

read more

CVE-2018-1359 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2018-1359
Published : May 6, 2025, 1:15 p.m. | 2 hours, 35 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 13:15:00 GMT

read more

CVE-2025-4354 - Tenda DAP-1520 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4354
Published : May 6, 2025, 1:15 p.m. | 2 hours, 35 minutes ago
Description : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 13:15:00 GMT

read more

CVE-2025-4355 - Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4355
Published : May 6, 2025, 1:15 p.m. | 2 hours, 35 minutes ago
Description : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 13:15:00 GMT

read more

CVE-2025-0984 - Netoloji Software E-Flow Cross-site Scripting (XSS) and File Content Injection Vulnerability

CVE ID : CVE-2025-0984
Published : May 6, 2025, 12:15 p.m. | 3 hours, 36 minutes ago
Description : Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content Injection.This issue affects E-Flow: before 3.23.00.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 12:15:00 GMT

read more

CVE-2025-4349 - "Critical Command Injection in D-Link DIR-600L"

CVE ID : CVE-2025-4349
Published : May 6, 2025, 12:15 p.m. | 3 hours, 36 minutes ago
Description : A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This affects the function formSysCmd. The manipulation of the argument host leads to command injection. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 12:15:00 GMT

read more

CVE-2025-4350 - D-Link DIR-600L Wake-on-LAN Command Injection Vulnerability

CVE ID : CVE-2025-4350
Published : May 6, 2025, 12:15 p.m. | 3 hours, 36 minutes ago
Description : A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This vulnerability affects the function wake_on_lan. The manipulation of the argument host leads to command injection. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 12:15:00 GMT

read more

CVE-2025-4352 - Golden Link Secondary System SQL Injection Vulnerability

CVE ID : CVE-2025-4352
Published : May 6, 2025, 12:15 p.m. | 3 hours, 36 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcEntrFlowSelect.htm. The manipulation of the argument custTradeId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 12:15:00 GMT

read more

CVE-2025-4353 - Golden Link Secondary System SQL Injection Vulnerability

CVE ID : CVE-2025-4353
Published : May 6, 2025, 12:15 p.m. | 3 hours, 36 minutes ago
Description : A vulnerability, which was classified as critical, was found in Golden Link Secondary System up to 20250424. Affected is an unknown function of the file /paraframework/queryTsDictionaryType.htm. The manipulation of the argument dictCn1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 12:15:00 GMT

read more

CVE-2025-40622 - TCMAN GIM SQL Injection Vulnerability

CVE ID : CVE-2025-40622
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘username’ parameter of the ‘GetLastDatePasswordChange’ endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-40623 - TCMAN GIM SQL Injection

CVE ID : CVE-2025-40623
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘Sender’ and “email” parameters of the ‘createNotificationAndroid’ endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-40624 - TCMAN's GIM SQL Injection Vulnerability

CVE ID : CVE-2025-40624
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ and “email” parameters of the ‘updatePassword’ endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-40625 - TCMAN GIM Unauthenticated File Upload RCE

CVE ID : CVE-2025-40625
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file to obtain a Remote Code Execution (RCE).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-4347 - D-Link DIR-600L Critical FormWlSiteSurvey Buffer Overflow Vulnerability

CVE ID : CVE-2025-4347
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-4348 - D-Link DIR-600L L2TP Buffer Overflow

CVE ID : CVE-2025-4348
Published : May 6, 2025, 11:15 a.m. | 4 hours, 35 minutes ago
Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-40620 - TCMAN's GIM SQL Injection Vulnerability

CVE ID : CVE-2025-40620
Published : May 6, 2025, 11:15 a.m. | 2 hours, 19 minutes ago
Description : SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ parameter of the ‘ValidateUserAndWS’ endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-40621 - TCMAN GIM SQL Injection

CVE ID : CVE-2025-40621
Published : May 6, 2025, 11:15 a.m. | 2 hours, 19 minutes ago
Description : SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ parameter of the ‘ValidateUserAndGetData’ endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 11:15:00 GMT

read more

CVE-2025-2011 - WordPress Slider Popup Builder by Depicter SQL Injection Vulnerability

CVE ID : CVE-2025-2011
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-3782 - Cision Block Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3782
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : The Cision Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-46762 - Apache Parquet Parquet-avro Remote Code Execution Vulnerability

CVE ID : CVE-2025-46762
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed. The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted) Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-4344 - D-Link DIR-600L Remote Buffer Overflow in formLogin

CVE ID : CVE-2025-4344
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-4345 - D-Link DIR-600L Remote FormSetLog Buffer Overflow Vulnerability

CVE ID : CVE-2025-4345
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-4346 - D-Link DIR-600L Buffer Overflow Vulnerability

CVE ID : CVE-2025-4346
Published : May 6, 2025, 10:15 a.m. | 3 hours, 20 minutes ago
Description : A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 10:15:00 GMT

read more

CVE-2025-4341 - D-Link DIR-880L Command Injection Vulnerability

CVE ID : CVE-2025-4341
Published : May 6, 2025, 9:15 a.m. | 4 hours, 19 minutes ago
Description : A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-4342 - D-Link DIR-600L Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4342
Published : May 6, 2025, 9:15 a.m. | 4 hours, 19 minutes ago
Description : A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-4343 - D-Link DIR-600L Remote Buffer Overflow in formEasySetupWizard

CVE ID : CVE-2025-4343
Published : May 6, 2025, 9:15 a.m. | 4 hours, 19 minutes ago
Description : A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21470 - Apache Image Toolkit Buffer Overflow

CVE ID : CVE-2025-21470
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21475 - Apache Struts Memory Corruption Vulnerability

CVE ID : CVE-2025-21475
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-22886 - Apache OpenHarmony Memory Leak Denial of Service

CVE ID : CVE-2025-22886
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-25052 - OpenHarmony Buffer Overflow Denial of Service

CVE ID : CVE-2025-25052
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-25218 - OpenHarmony NULL Pointer Dereference DOS Vulnerability

CVE ID : CVE-2025-25218
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-27132 - OpenHarmony Out-of-Bounds Write Arbitrary Code Execution

CVE ID : CVE-2025-27132
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-27241 - OpenHarmony NULL Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-27241
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-27248 - Huawei OpenHarmony NULL Pointer Dereference DOS

CVE ID : CVE-2025-27248
Published : May 6, 2025, 9:15 a.m. | 2 hours, 19 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49835 - Apple Safari Heap Overflow

CVE ID : CVE-2024-49835
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while reading secure file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49841 - VMware ESXi Memory Corruption Vulnerability

CVE ID : CVE-2024-49841
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49842 - Microsoft Hyper-V Memory Corruption Vulnerability

CVE ID : CVE-2024-49842
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49844 - Microsoft PlayReady Memory Corruption Vulnerability

CVE ID : CVE-2024-49844
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while triggering commands in the PlayReady Trusted application.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49845 - Microsoft Windows FRS Memory Corruption Vulnerability

CVE ID : CVE-2024-49845
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption during the FRS UDS generation process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49846 - Qualcomm MSM Modem Memory Corruption Vulnerability

CVE ID : CVE-2024-49846
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while decoding of OTA messages from T3448 IE.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2024-49847 - Vulnerability Title: Oracle Transportation Management DOS

CVE ID : CVE-2024-49847
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21453 - Adobe Flash Memory Corruption Vulnerability

CVE ID : CVE-2025-21453
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21459 - Microsoft Linksys Wireless Router Denial of Service

CVE ID : CVE-2025-21459
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Transient DOS while parsing per STA profile in ML IE.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21460 - VMware Guest VM Heap Overflow

CVE ID : CVE-2025-21460
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21462 - QNAP QTS Memory Corruption Vulnerability

CVE ID : CVE-2025-21462
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21467 - Cisco Router Buffer Overflow

CVE ID : CVE-2025-21467
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while reading the FW response from the shared queue.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21468 - Cisco Firewall Memory Corruption Buffer Overflow

CVE ID : CVE-2025-21468
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-21469 - Apache HTTP Server Memory Corruption

CVE ID : CVE-2025-21469
Published : May 6, 2025, 9:15 a.m. | 34 minutes ago
Description : Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 09:15:00 GMT

read more

CVE-2025-4324 - MRCMS Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4324
Published : May 6, 2025, 6:15 a.m. | 36 minutes ago
Description : A vulnerability, which was classified as problematic, was found in MRCMS 3.1.2. This affects an unknown part of the file /admin/link/edit.do of the component External Link Management Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 06:15:00 GMT

read more

CVE-2025-4325 - MRCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4325
Published : May 6, 2025, 6:15 a.m. | 36 minutes ago
Description : A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. This vulnerability affects unknown code of the file /admin/category/add.do of the component Category Management Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 06:15:00 GMT

read more

CVE-2025-4326 - MRCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4326
Published : May 6, 2025, 6:15 a.m. | 36 minutes ago
Description : A vulnerability was found in MRCMS 3.1.2 and classified as problematic. This issue affects some unknown processing of the file /admin/chip/add.do of the component Add Fragment Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 06:15:00 GMT

read more

CVE-2025-2802 - WordPress LayoutBoxx Plugin Shortcode Execution Vulnerability

CVE ID : CVE-2025-2802
Published : May 6, 2025, 5:15 a.m. | 1 hour, 36 minutes ago
Description : The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 05:15:00 GMT

read more

CVE-2025-4313 - SourceCodester Advanced Web Store SQL Injection Vulnerability

CVE ID : CVE-2025-4313
Published : May 6, 2025, 5:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability, which was classified as critical, was found in SourceCodester Advanced Web Store 1.0. Affected is an unknown function of the file /admin/admin_addnew_product.php. The manipulation of the argument txtProdId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 05:15:00 GMT

read more

CVE-2025-4314 - SourceCodester Advanced Web Store SQL Injection Vulnerability

CVE ID : CVE-2025-4314
Published : May 6, 2025, 5:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability has been found in SourceCodester Advanced Web Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument txtLogin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 05:15:00 GMT

read more

CVE-2025-4323 - Apache MRCMS Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4323
Published : May 6, 2025, 5:15 a.m. | 1 hour, 36 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 05:15:00 GMT

read more

CVE-2025-4337 - "WordPress AHAthat Plugin CSRF Vulnerability"

CVE ID : CVE-2025-4337
Published : May 6, 2025, 5:15 a.m. | 1 hour, 36 minutes ago
Description : The AHAthat Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the aha_plugin_page() function. This makes it possible for unauthenticated attackers to delete AHA pages via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 05:15:00 GMT

read more

CVE-2023-46716 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2023-46716
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47296 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-47296
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47297 - OpenVAS Scanner Information Disclosure Vulnerability in OpenVAS

CVE ID : CVE-2025-47297
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47298 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47298
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47299 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47299
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47300 - Apache HTTP Server Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-47300
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47301 - Cisco Router Unvalidated Redirect

CVE ID : CVE-2025-47301
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47302 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-47302
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-47303 - Apache Struts Command Injection

CVE ID : CVE-2025-47303
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-4309 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4309
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add-art-type.php. The manipulation of the argument arttype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-4310 - iSourcecode Content Management System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4310
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. This affects an unknown part of the file /admin/add_topic.php?category=BBS. The manipulation of the argument Cover Image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-4311 - iSourcecode Content Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4311
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /admin/update_main_topic_img.php?topic_id=529. The manipulation of the argument stopic_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2025-4312 - SourceCodester Advanced Web Store SQL Injection

CVE ID : CVE-2025-4312
Published : May 6, 2025, 4:16 a.m. | 2 hours, 36 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester Advanced Web Store 1.0. This issue affects some unknown processing of the file /productdetail.php. The manipulation of the argument prodid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:16:00 GMT

read more

CVE-2021-43069 - Apache HTTP Server Remote Command Execution

CVE ID : CVE-2021-43069
Published : May 6, 2025, 4:15 a.m. | 2 hours, 36 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 04:15:00 GMT

read more

CVE-2025-4306 - PHPGurukul Nipah Virus Testing Management System SQL Injection

CVE ID : CVE-2025-4306
Published : May 6, 2025, 3:15 a.m. | 3 hours, 37 minutes ago
Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 03:15:00 GMT

read more

CVE-2025-4307 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4307
Published : May 6, 2025, 3:15 a.m. | 3 hours, 37 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/add-art-medium.php. The manipulation of the argument artmed leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 03:15:00 GMT

read more

CVE-2025-4308 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4308
Published : May 6, 2025, 3:15 a.m. | 3 hours, 37 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-art-type.php. The manipulation of the argument arttype leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 03:15:00 GMT

read more

CVE-2025-3609 - Reales WP STPT Unauthorized User Registration Vulnerability

CVE ID : CVE-2025-3609
Published : May 6, 2025, 3:15 a.m. | 2 hours, 34 minutes ago
Description : The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'reales_user_signup_form' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for unauthenticated attackers to create new user accounts, which can be leveraged with CVE-XX to achieve privilege escalation.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 03:15:00 GMT

read more

CVE-2025-3610 - Reales WP STPT Privilege Escalation and Account Takeover Vulnerability in WordPress

CVE ID : CVE-2025-3610
Published : May 6, 2025, 3:15 a.m. | 2 hours, 34 minutes ago
Description : The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user's passwords and email addresses, including administrators, and leverage that to gain access to their account. This can be combined with CVE-2025-3609 to achieve remote code execution as an originally unauthenticated user with no account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 03:15:00 GMT

read more

CVE-2025-4305 - Kefaming Mayi Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4305
Published : May 6, 2025, 2:15 a.m. | 3 hours, 34 minutes ago
Description : A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This vulnerability affects the function Upload of the file app/tools/controller/File.php. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 02:15:00 GMT

read more

CVE-2024-39442 - Sprd SSense Service Missing Permission Check Vulnerability

CVE ID : CVE-2024-39442
Published : May 6, 2025, 2:15 a.m. | 1 hour, 34 minutes ago
Description : In sprd ssense service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 02:15:00 GMT

read more

CVE-2025-4304 - PHPGurukul Cyber Cafe Management System SQL Injection

CVE ID : CVE-2025-4304
Published : May 6, 2025, 2:15 a.m. | 1 hour, 34 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /adminprofile.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 02:15:00 GMT

read more

CVE-2025-2509 - ChromeOS Virglrenderer Out-of-Bounds Read VM Escape

CVE ID : CVE-2025-2509
Published : May 6, 2025, 1:15 a.m. | 2 hours, 33 minutes ago
Description : Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 01:15:00 GMT

read more

CVE-2025-46728 - cpp-httplib Chunked Request Body Overflow

CVE ID : CVE-2025-46728
Published : May 6, 2025, 1:15 a.m. | 2 hours, 33 minutes ago
Description : cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when `Transfer-Encoding: chunked` is used or when no `Content-Length` header is provided. A remote attacker can send a chunked request without the terminating zero-length chunk, causing uncontrolled memory allocation on the server. This leads to potential exhaustion of system memory and results in a server crash or unresponsiveness. Version 0.20.1 fixes the issue by enforcing limits during parsing. If the limit is exceeded at any point during reading, the connection is terminated immediately. A short-term workaround through a Reverse Proxy is available. If updating the library immediately is not feasible, deploy a reverse proxy (e.g., Nginx, HAProxy) in front of the `cpp-httplib` application. Configure the proxy to enforce maximum request body size limits, thereby stopping excessively large requests before they reach the vulnerable library code.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 01:15:00 GMT

read more

CVE-2025-4301 - iSourcecode Content Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4301
Published : May 6, 2025, 1:15 a.m. | 2 hours, 33 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 01:15:00 GMT

read more

CVE-2025-4303 - PHPGurukul Human Metapneumovirus Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4303
Published : May 6, 2025, 1:15 a.m. | 2 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 01:15:00 GMT

read more

CVE-2025-4298 - Tenda AC1206 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4298
Published : May 6, 2025, 12:15 a.m. | 3 hours, 34 minutes ago
Description : A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 00:15:00 GMT

read more

CVE-2025-4299 - Tenda AC1206 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4299
Published : May 6, 2025, 12:15 a.m. | 3 hours, 34 minutes ago
Description : A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 00:15:00 GMT

read more

CVE-2025-4300 - iSourcecode Content Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4300
Published : May 6, 2025, 12:15 a.m. | 3 hours, 34 minutes ago
Description : A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /search_list.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 06 May 2025 00:15:00 GMT

read more

CVE-2025-4292 - MRCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4292
Published : May 5, 2025, 11:15 p.m. | 4 hours, 33 minutes ago
Description : A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/user/edit.do of the component Edit User Page. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 23:15:00 GMT

read more

CVE-2025-4293 - MRCMS Cross-Site Scripting Vulnerability in Group Edit Page

CVE ID : CVE-2025-4293
Published : May 5, 2025, 11:15 p.m. | 4 hours, 33 minutes ago
Description : A vulnerability was found in MRCMS 3.1.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/group/edit.do of the component Group Edit Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 23:15:00 GMT

read more

CVE-2025-4297 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4297
Published : May 5, 2025, 11:15 p.m. | 4 hours, 33 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/change-password.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 23:15:00 GMT

read more

CVE-2025-44071 - SeaCMS Phomebak PHP Remote Code Execution Vulnerability

CVE ID : CVE-2025-44071
Published : May 5, 2025, 10:15 p.m. | 5 hours, 34 minutes ago
Description : SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 22:15:00 GMT

read more

CVE-2025-44072 - SeaCMS SQL Injection Vulnerability

CVE ID : CVE-2025-44072
Published : May 5, 2025, 10:15 p.m. | 5 hours, 34 minutes ago
Description : SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 22:15:00 GMT

read more

CVE-2025-44074 - SeaCMS SQL Injection Vulnerability

CVE ID : CVE-2025-44074
Published : May 5, 2025, 10:15 p.m. | 5 hours, 34 minutes ago
Description : SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 22:15:00 GMT

read more

CVE-2025-4290 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4290
Published : May 5, 2025, 10:15 p.m. | 5 hours, 34 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SMNT Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 22:15:00 GMT

read more

CVE-2025-4291 - IdeaCMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4291
Published : May 5, 2025, 10:15 p.m. | 5 hours, 34 minutes ago
Description : A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 22:15:00 GMT

read more

CVE-2025-4288 - PCMan FTP Server RNFR Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4288
Published : May 5, 2025, 9:15 p.m. | 6 hours, 33 minutes ago
Description : A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RNFR Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 21:15:00 GMT

read more

CVE-2025-4289 - PCMan FTP Server RNTO Command Handler Critical Buffer Overflow Vulnerability

CVE ID : CVE-2025-4289
Published : May 5, 2025, 9:15 p.m. | 6 hours, 33 minutes ago
Description : A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component RNTO Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 21:15:00 GMT

read more

CVE-2025-0915 - IBM Db2 Memory Allocation DoS Vulnerability

CVE ID : CVE-2025-0915
Published : May 5, 2025, 9:15 p.m. | 4 hours, 33 minutes ago
Description : IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 under specific configurations could allow an authenticated user to cause a denial of service due to insufficient release of allocated memory resources.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 21:15:00 GMT

read more

CVE-2025-1000 - IBM Db2 Denial of Service due to Improper Automatic Client Rerouting

CVE ID : CVE-2025-1000
Published : May 5, 2025, 9:15 p.m. | 4 hours, 33 minutes ago
Description : IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when connecting to a z/OS database due to improper handling of automatic client rerouting.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 21:15:00 GMT

read more

CVE-2025-1493 - IBM Db2 Denial of Service

CVE ID : CVE-2025-1493
Published : May 5, 2025, 9:15 p.m. | 4 hours, 33 minutes ago
Description : IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service due to concurrent execution of shared resources.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 21:15:00 GMT

read more

CVE-2025-46731 - Craft CMS SSTI Remote Code Execution Vulnerability

CVE ID : CVE-2025-46731
Published : May 5, 2025, 8:15 p.m. | 5 hours, 33 minutes ago
Description : Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and `ALLOW_ADMIN_CHANGES` must be enabled for this to work. Users should update to the patched versions 4.14.13 or 5.6.15 to mitigate the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-46734 - League Commonmark Attributes Extension Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46734
Published : May 5, 2025, 8:15 p.m. | 5 hours, 33 minutes ago
Description : league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library (versions 1.5.0 through 2.6.x) allows remote attackers to insert malicious JavaScript calls into HTML. The league/commonmark library provides configuration options such as `html_input: 'strip'` and `allow_unsafe_links: false` to mitigate cross-site scripting (XSS) attacks by stripping raw HTML and disallowing unsafe links. However, when the Attributes Extension is enabled, it introduces a way for users to inject arbitrary HTML attributes into elements via Markdown syntax using curly braces. Version 2.7.0 contains three changes to prevent this XSS attack vector: All attributes starting with `on` are considered unsafe and blocked by default; support for an explicit allowlist of allowed HTML attributes; and manually-added `href` and `src` attributes now respect the existing `allow_unsafe_links` configuration option. If upgrading is not feasible, please consider disabling the `AttributesExtension` for untrusted users and/or filtering the rendered HTML through a library like HTMLPurifier.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-46813 - Discourse Data Leak Vulnerability

CVE ID : CVE-2025-46813
Published : May 5, 2025, 8:15 p.m. | 5 hours, 33 minutes ago
Description : Discourse is an open-source community platform. A data leak vulnerability affects sites deployed between commits 10df7fdee060d44accdee7679d66d778d1136510 and 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b. On login-required sites, the leak meant that some content on the site's homepage could be visible to unauthenticated users. Only login-required sites that got deployed during this timeframe are affected, roughly between April 30 2025 noon EDT and May 2 2025, noon EDT. Sites on the stable branch are unaffected. Private content on an instance's homepage could be visible to unauthenticated users on login-required sites. Versions of 3.5.0.beta4 after commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b are not vulnerable to the issue. No workarounds are available. Sites must upgrade to a non-vulnerable version of Discourse.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-4286 - "Intelbras InControl Credential Storage Vulnerability"

CVE ID : CVE-2025-4286
Published : May 5, 2025, 8:15 p.m. | 5 hours, 33 minutes ago
Description : A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-4287 - PyTorch CUDA NCCL Denial of Service Vulnerability

CVE ID : CVE-2025-4287
Published : May 5, 2025, 8:15 p.m. | 5 hours, 33 minutes ago
Description : A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function torch.cuda.nccl.reduce of the file torch/cuda/nccl.py. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as 5827d2061dcb4acd05ac5f8e65d8693a481ba0f5. It is recommended to apply a patch to fix this issue.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45617 - Production SSM User List Unrestricted Access

CVE ID : CVE-2025-45617
Published : May 5, 2025, 8:15 p.m. | 4 hours, 36 minutes ago
Description : Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45618 - Jeeweb Mybatis Springboot Unauthenticated Information Disclosure

CVE ID : CVE-2025-45618
Published : May 5, 2025, 8:15 p.m. | 4 hours, 36 minutes ago
Description : Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-46726 - Langroid XMLToolMessage XML External Entity (XXE) Denial of Service (DoS) and Local File Information Exposure

CVE ID : CVE-2025-46726
Published : May 5, 2025, 8:15 p.m. | 4 hours, 36 minutes ago
Description : Langroid is a framework for building large-language-model-powered applications. Prior to version 0.53.4, a LLM application leveraging `XMLToolMessage` class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information. Version 0.53.4 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-46730 - "MobSF ZIP Bomb Denial of Service Vulnerability"

CVE ID : CVE-2025-46730
Published : May 5, 2025, 8:15 p.m. | 4 hours, 36 minutes ago
Description : MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external vendors. MobSF provides a feature that allows users to upload ZIP files for static analysis. Upon upload, these ZIP files are automatically extracted and stored within the MobSF directory. However, in versions up to and including 4.3.2, this functionality lacks a check on the total uncompressed size of the ZIP file, making it vulnerable to a ZIP of Death (zip bomb) attack. Due to the absence of safeguards against oversized extractions, an attacker can craft a specially prepared ZIP file that is small in compressed form but expands to a massive size upon extraction. Exploiting this, an attacker can exhaust the server's disk space, leading to a complete denial of service (DoS) not just for MobSF, but also for any other applications or websites hosted on the same server. This vulnerability can lead to complete server disruption in an organization which can affect other internal portals and tools too (which are hosted on the same server). If some organization has created their customized cloud based mobile security tool using MobSF core then an attacker can exploit this vulnerability to crash their servers. Commit 6987a946485a795f4fd38cebdb4860b368a1995d fixes this issue. As an additional mitigation, it is recommended to implement a safeguard that checks the total uncompressed size of any uploaded ZIP file before extraction. If the estimated uncompressed size exceeds a safe threshold (e.g., 100 MB), MobSF should reject the file and notify the user.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-1909 - BuddyBoss Platform Pro WordPress Authentication Bypass Vulnerability

CVE ID : CVE-2025-1909
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied during the Apple OAuth authenticate request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45607 - Itranswarp Authentication Bypass Vulnerability

CVE ID : CVE-2025-45607
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45608 - Xinguan Access Control Bypass

CVE ID : CVE-2025-45608
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45609 - Kob Insecure Direct Object Reference (IDOR)

CVE ID : CVE-2025-45609
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45610 - PassJava-Platform Blind File Inclusion Vulnerability

CVE ID : CVE-2025-45610
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45611 - Hope-Boot Authentication Bypass

CVE ID : CVE-2025-45611
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45612 - Xmall Authentication Bypass

CVE ID : CVE-2025-45612
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45613 - Shiro-Action Unsecured Data Disclosure

CVE ID : CVE-2025-45613
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45614 - One API User Manager Information Disclosure

CVE ID : CVE-2025-45614
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45615 - Yaoqishan Unauthenticated Administrative Privilege Escalation

CVE ID : CVE-2025-45615
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2025-45616 - Brcc Authentication Bypass Vulnerability

CVE ID : CVE-2025-45616
Published : May 5, 2025, 8:15 p.m. | 1 hour, 32 minutes ago
Description : Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 20:15:00 GMT

read more

CVE-2024-42212 - HCL BigFix Compliance CSRF Vulnerability

CVE ID : CVE-2024-42212
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery (CSRF) attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2024-42213 - HCL BigFix Compliance Information Disclosure

CVE ID : CVE-2024-42213
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-29573 - Mezzanine CMS Forms Module XSS Vulnerability

CVE ID : CVE-2025-29573
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-43849 - Apache TTS Voice Conversion Framework Deserialization RCE

CVE ID : CVE-2025-43849
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_a and cpkt_b variables take user input (e.g. a path to a model) and pass it to the merge function in process_ckpt.py, which uses them to load the models on those paths with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-43850 - Apache Retrieval-Based Voice Conversion WebUI Remote Code Execution

CVE ID : CVE-2025-43850
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_dir variable takes user input (e.g. a path to a model) and passes it to the change_info function in export.py, which uses it to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-43851 - Adobe Retrieval-based-Voice-Conversion-WebUI Remote Code Execution Vulnerability

CVE ID : CVE-2025-43851
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr function in vr.py. In uvr , a new instance of AudioPre class is created with the model_path attribute containing the aformentioned user input. In the AudioPre class, the user input, is used to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-43852 - Apache Retrieval-based-Voice-Conversion-WebUI Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-43852
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr function in vr.py. In uvr , if model_name contains the string "DeEcho", a new instance of AudioPreDeEcho class is created with the model_path attribute containing the aforementioned user input. In the AudioPreDeEcho class, the user input is used to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46335 - MobSF Stored XSS Vulnerability in Android APK Analysis

CVE ID : CVE-2025-46335
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting (XSS) vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of user-supplied SVG files during the Android APK analysis workflow. Version 4.3.3 fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46340 - Misskey CSS Injection Vulnerability

CVE ID : CVE-2025-46340
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, due to an oversight in the validation performed in `UrlPreviewService` and `MkUrlPreview`, it is possible for an attacker to inject arbitrary CSS into the `MkUrlPreview` component. `UrlPreviewService.wrap` falls back to returning the original URL if it's using a protocol that is likely to not be understood by Misskey, IE something other than `http` or `https`. This both can de-anonymize users and_allow further attacks in the client. Additionally, `MkUrlPreview` doesn't escape CSS when applying a `background-image` property, allowing an attacker to craft a URL that applies arbitrary styles to the preview element. Theoretically, an attacker can craft a CSS injection payload to create a fake error message that can deceive the user into giving away their credentials or similar sensitive information. Version 2025.4.1 contains a patch for the issue.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46553 - Misskey/summaly Allow Redirects Bypass Vulnerability

CVE ID : CVE-2025-46553
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : @misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects, despite explicitly requesting not to. Version 5.2.1 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46559 - Misskey AiScript Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-46559
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Misskey is an open source, federated social media platform. Starting in version 12.31.0 and prior to version 2025.4.1, missing validation in `Mk:api` allows malicious AiScript code to access additional endpoints that it isn't designed to have access to. The missing validation allows malicious AiScript code to prefix a URL with `../` to step out of the `/api` directory, thereby being able to make requests to other endpoints, such as `/files`, `/url`, and `/proxy`. Version 2025.4.1 fixes the issue.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46571 - Open WebUI Unauthenticated JavaScript File Upload to Admin RCE

CVE ID : CVE-2025-46571
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, low privileged users can upload HTML files which contain JavaScript code via the `/api/v1/files/` backend endpoint. This endpoint returns a file id, which can be used to open the file in the browser and trigger the JavaScript code in the user's browser. Under the default settings, files uploaded by low-privileged users can only be viewed by admins or themselves, limiting the impact of this vulnerability. A link to such a file can be sent to an admin, and if clicked, will give the low-privileged user complete control over the admin's account, ultimately enabling RCE via functions. Version 0.6.6 contains a fix for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46719 - Open WebUI JavaScript Injection and Stored XSS Vulnerability

CVE ID : CVE-2025-46719
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, a vulnerability in the way certain html tags in chat messages are rendered allows attackers to inject JavaScript code into a chat transcript. The JavaScript code will be executed in the user's browser every time that chat transcript is opened, allowing attackers to retrieve the user's access token and gain full control over their account. Chat transcripts can be shared with other users in the same server, or with the whole open-webui community if "Enable Community Sharing" is enabled in the admin panel. If this exploit is used against an admin user, it is possible to achieve Remote Code Execution on the server where the open-webui backend is hosted. This can be done by creating a new function which contains malicious python code. This vulnerability also affects chat transcripts uploaded to `https://openwebui.com/c//`, allowing for wormable stored XSS in https[:]//openwebui[.]com. Version 0.6.6 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-46720 - Keystone Node.js Oracle Filter Bypass

CVE ID : CVE-2025-46720
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : Keystone is a content management system for Node.js. Prior to version 6.5.0, `{field}.isFilterable` access control can be bypassed in `update` and `delete` mutations by adding additional unique filters. These filters can be used as an oracle to probe the existence or value of otherwise unreadable fields. Specifically, when a mutation includes a `where` clause with multiple unique filters (e.g. `id` and `email`), Keystone will attempt to match records even if filtering by the latter fields would normally be rejected by `field.isFilterable` or `list.defaultIsFilterable`. This can allow malicious actors to infer the presence of a particular field value when a filter is successful in returning a result. This affects any project relying on the default or dynamic `isFilterable` behavior (at the list or field level) to prevent external users from using the filtering of fields as a discovery mechanism. While this access control is respected during `findMany` operations, it was not completely enforced during `update` and `delete` mutations when accepting more than one unique `where` values in filters. This has no impact on projects using `isFilterable: false` or `defaultIsFilterable: false` for sensitive fields, or for those who have otherwise omitted filtering by these fields from their GraphQL schema. This issue has been patched in `@keystone-6/core` version 6.5.0. To mitigate this issue in older versions where patching is not a viable pathway, set `isFilterable: false` statically for relevant fields to prevent filtering by them earlier in the access control pipeline (that is, don't use functions); set `{field}.graphql.omit.read: true` for relevant fields, which implicitly removes filtering by these fields from the GraphQL schema; and/or deny `update` and `delete` operations for the relevant lists completely.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-4279 - WordPress External Image Replace Plugin Remote File Upload Vulnerability

CVE ID : CVE-2025-4279
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'external_image_replace_get_posts::replace_post' function in all versions up to, and including, 1.0.8. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-4283 - SourceCodester Oretnom23 Stock Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4283
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-4318 - Amazon Amplify Studio Unvalidated Property Expression Vulnerability

CVE ID : CVE-2025-4318
Published : May 5, 2025, 7:15 p.m. | 18 minutes ago
Description : The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 19:15:00 GMT

read more

CVE-2025-45237 - DBSyncer Unsecured Configuration File Access Vulnerability

CVE ID : CVE-2025-45237
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-45238 - Foxcms File Deletion Vulnerability

CVE ID : CVE-2025-45238
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-45239 - FoxCMS Directory Traversal Vulnerability

CVE ID : CVE-2025-45239
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : An issue in the restores method (DataBackup.php) of foxcms v2.0.6 allows attackers to execute a directory traversal.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-4050 - Google Chrome Heap Corruption Out-of-Bounds Access Vulnerability

CVE ID : CVE-2025-4050
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-4051 - Google Chrome DevTools Insufficient Data Validation Remote Code Execution

CVE ID : CVE-2025-4051
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-4052 - Google Chrome DevTools Authorization Bypass

CVE ID : CVE-2025-4052
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-4096 - Google Chrome Heap Buffer Overflow

CVE ID : CVE-2025-4096
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2025-4282 - SourceCodester Oretnom23 Stock Management System CSRF Vulnerability

CVE ID : CVE-2025-4282
Published : May 5, 2025, 6:15 p.m. | 1 hour, 18 minutes ago
Description : A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 18:15:00 GMT

read more

CVE-2024-58098 - Linux Kernel BPF Packet Pointer Invalidation Vulnerability

CVE ID : CVE-2024-58098
Published : May 5, 2025, 3:15 p.m. | 1 hour, 1 minute ago
Description : In the Linux kernel, the following vulnerability has been resolved: bpf: track changes_pkt_data property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program: __attribute__((__noinline__)) long skb_pull_data(struct __sk_buff *sk, __u32 len) { return bpf_skb_pull_data(sk, len); } SEC("tc") int test_invalidate_checks(struct __sk_buff *sk) { int *p = (void *)(long)sk->data; if ((void *)(p + 1) > (void *)(long)sk->data_end) return TCX_DROP; skb_pull_data(sk, 0); *p = 42; return TCX_PASS; } After a call to bpf_skb_pull_data() the pointer 'p' can't be used safely. See function filter.c:bpf_helper_changes_pkt_data() for a list of such helpers. At the moment verifier invalidates packet pointers when processing helper function calls, and does not traverse global sub-programs when processing calls to global sub-programs. This means that calls to helpers done from global sub-programs do not invalidate pointers in the caller state. E.g. the program above is unsafe, but is not rejected by verifier. This commit fixes the omission by computing field bpf_subprog_info->changes_pkt_data for each sub-program before main verification pass. changes_pkt_data should be set if: - subprogram calls helper for which bpf_helper_changes_pkt_data returns true; - subprogram calls a global function, for which bpf_subprog_info->changes_pkt_data should be set. The verifier.c:check_cfg() pass is modified to compute this information. The commit relies on depth first instruction traversal done by check_cfg() and absence of recursive function calls: - check_cfg() would eventually visit every call to subprogram S in a state when S is fully explored; - when S is fully explored: - every direct helper call within S is explored (and thus changes_pkt_data is set if needed); - every call to subprogram S1 called by S was visited with S1 fully explored (and thus S inherits changes_pkt_data from S1). The downside of such approach is that dead code elimination is not taken into account: if a helper call inside global function is dead because of current configuration, verifier would conservatively assume that the call occurs for the purpose of the changes_pkt_data computation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 15:15:00 GMT

read more

CVE-2024-58100 - Linux Kernel bpf Changes_pkt_data Property Vulnerability

CVE ID : CVE-2024-58100
Published : May 5, 2025, 3:15 p.m. | 1 hour, 1 minute ago
Description : In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt_data property of the global sub-program. Because of this, an extension program replacing a global sub-program must be compatible with changes_pkt_data property of the sub-program being replaced. This commit: - adds changes_pkt_data flag to struct bpf_prog_aux: - this flag is set in check_cfg() for main sub-program; - in jit_subprogs() for other sub-programs; - modifies bpf_check_attach_btf_id() to check changes_pkt_data flag; - moves call to check_attach_btf_id() after the call to check_cfg(), because it needs changes_pkt_data flag to be set: bpf_check: ... ... - check_attach_btf_id resolve_pseudo_ldimm64 resolve_pseudo_ldimm64 --> bpf_prog_is_offloaded bpf_prog_is_offloaded check_cfg check_cfg + check_attach_btf_id ... ... The following fields are set by check_attach_btf_id(): - env->ops - prog->aux->attach_btf_trace - prog->aux->attach_func_name - prog->aux->attach_func_proto - prog->aux->dst_trampoline - prog->aux->mod - prog->aux->saved_dst_attach_type - prog->aux->saved_dst_prog_type - prog->expected_attach_type Neither of these fields are used by resolve_pseudo_ldimm64() or bpf_prog_offload_verifier_prep() (for netronome and netdevsim drivers), so the reordering is safe.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 15:15:00 GMT

read more

CVE-2024-58237 - Linux Kernel BPF Packet Pointer Invalidation Vulnerability

CVE ID : CVE-2024-58237
Published : May 5, 2025, 3:15 p.m. | 1 hour, 1 minute ago
Description : In the Linux kernel, the following vulnerability has been resolved: bpf: consider that tail calls invalidate packet pointers Tail-called programs could execute any of the helpers that invalidate packet pointers. Hence, conservatively assume that each tail call invalidates packet pointers. Making the change in bpf_helper_changes_pkt_data() automatically makes use of check_cfg() logic that computes 'changes_pkt_data' effect for global sub-programs, such that the following program could be rejected: int tail_call(struct __sk_buff *sk) { bpf_tail_call_static(sk, &jmp_table, 0); return 0; } SEC("tc") int not_safe(struct __sk_buff *sk) { int *p = (void *)(long)sk->data; ... make p valid ... tail_call(sk); *p = 42; /* this is unsafe */ ... } The tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that can invalidate packet pointers. Otherwise, it can't be freplaced with tailcall_freplace.c:entry_freplace() that does a tail call.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 15:15:00 GMT

read more

CVE-2025-47240 - Apache Unverified Vulnerability

CVE ID : CVE-2025-47240
Published : May 5, 2025, 3:15 p.m. | 1 hour, 1 minute ago
Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 15:15:00 GMT

read more

CVE-2025-28168 - Outsystems Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-28168
Published : May 5, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The vulnerability is because file extension and size validations are enforced solely on the client side. An attacker can intercept the upload request and modify the parameter to bypass extension restrictions and upload arbitrary files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 14:15:00 GMT

read more

CVE-2025-45751 - SourceCodester Web Based Pharmacy Product Management System Cross Site Scripting (XSS)

CVE ID : CVE-2025-45751
Published : May 5, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add-admin.php via the Fullname text field.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 14:15:00 GMT

read more

CVE-2025-47268 - iputils Ping Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-47268
Published : May 5, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 14:15:00 GMT

read more

CVE-2025-4316 - "Devolutions Server PAM Unauthorized Self-Approval"

CVE ID : CVE-2025-4316
Published : May 5, 2025, 2:15 p.m. | 2 hours, 2 minutes ago
Description : Improper access control in PAM feature in Devolutions Server 2025.1.6.0 and earlier allows a PAM user to self approve their PAM requests even if disallowed by the configured policy via specific user interface actions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 14:15:00 GMT

read more

CVE-2025-2545 - "Best Practical Solutions, LLC Request Tracker Triple DES Encryption Weakness"

CVE ID : CVE-2025-2545
Published : May 5, 2025, 12:15 p.m. | 4 hours, 2 minutes ago
Description : Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES (3DES) cryptographic algorithm is used within SMIME code to encrypt S/MIME emails. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could compromise the confidentiality of encrypted messages.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 12:15:00 GMT

read more

The syzygy distinguisher élu best paper award

The syzygy distinguisher élu best paper award

anssiadm
À l’occasion de la conférence Eurocrypt qui se tient à Madrid du 4 au 8 mai, l’International Association for Cryptologic Research (IACR) a remis le Best Paper Award à Hugues Randriam pour ses travaux menés au sein du laboratoire de cryptologie de l’ANSSI.

Cette récompense vient saluer l’article de Hugues Randriam intitulé « The syzygy distinguisher », dont les conclusions représentent une avancée significative dans le domaine du chiffrement asymétrique.

L’étude propose en effet un nouvel outil mathématique appelé « syzygy distinguisher ». Déjà utilisé en cryptographie, les distinguisher ont toutefois montré des limites face à certains problèmes complexes de cryptographie. Celui proposé par Hugues dans son papier offre des résultats considérablement supérieurs lorsqu’il s’agit de reconnaître des codes cryptographiques utilisés pour sécuriser les communications, notamment dans le cadre de la cryptographie post-quantique.

L’attribution de ce prix constitue une reconnaissance forte des travaux menés par Hugues Randriam et par l’ensemble du laboratoire de cryptographie de l’ANSSI. Elle souligne également l’engagement constant des équipes de l’Agence dans la recherche scientifique.

C’est une grande fierté pour l’ANSSI, non seulement pour le rayonnement de ses laboratoires, mais aussi pour le travail mené au quotidien par l’ensemble de ses agents.

Version préliminaire du papier

Programme de la conférence

Mon, 05 May 2025 11:43:00 GMT

read more

CVE-2025-4272 - Mechrevo Control Console DLL Search Path Vulnerability

CVE ID : CVE-2025-4272
Published : May 5, 2025, 11:15 a.m. | 5 hours, 2 minutes ago
Description : A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 11:15:00 GMT

read more

CVE-2025-2905 - WSO2 API Manager XXE File Disclosure and Denial of Service Vulnerability

CVE ID : CVE-2025-2905
Published : May 5, 2025, 9:15 a.m. | 7 hours, 2 minutes ago
Description : An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution. This vulnerability can be exploited by an unauthenticated remote attacker to read files from the server’s filesystem or perform denial-of-service (DoS) attacks. * On systems running JDK 7 or early JDK 8, full file contents may be exposed. * On later versions of JDK 8 and newer, only the first line of a file may be read, due to improvements in XML parser behavior. * DoS attacks such as "Billion Laughs" payloads can cause service disruption.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 09:15:00 GMT

read more

CVE-2025-4270 - TOTOLINK A720R CGI Config Handler Information Disclosure

CVE ID : CVE-2025-4270
Published : May 5, 2025, 8:15 a.m. | 8 hours, 2 minutes ago
Description : A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 08:15:00 GMT

read more

CVE-2025-4271 - TOTOLINK A720R CGI Argument Injection Information Disclosure

CVE ID : CVE-2025-4271
Published : May 5, 2025, 8:15 a.m. | 8 hours, 2 minutes ago
Description : A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 08:15:00 GMT

read more

CVE-2025-4268 - TOTOLINK A720R Authentication Bypass Vulnerability

CVE ID : CVE-2025-4268
Published : May 5, 2025, 7:15 a.m. | 9 hours, 2 minutes ago
Description : A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 07:15:00 GMT

read more

CVE-2025-4269 - TOTOLINK Log Handler Remote Code Execution Vulnerability

CVE ID : CVE-2025-4269
Published : May 5, 2025, 7:15 a.m. | 9 hours, 2 minutes ago
Description : A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 07:15:00 GMT

read more

CVE-2025-39363 - AlphaEfficiencyTeam Custom Login and Registration Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-39363
Published : May 5, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Stored XSS.This issue affects Custom Login and Registration: from n/a through 1.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 06:15:00 GMT

read more

CVE-2025-3583 - WordPress Newsletter Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3583
Published : May 5, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 06:15:00 GMT

read more

CVE-2025-4266 - PHPGurukul Notice Board System SQL Injection Vulnerability

CVE ID : CVE-2025-4266
Published : May 5, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php?vid=2. The manipulation of the argument fromdate/tomdate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 06:15:00 GMT

read more

CVE-2025-4267 - SourceCodester Oretnom23 Stock Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4267
Published : May 5, 2025, 6:15 a.m. | 10 hours, 2 minutes ago
Description : A vulnerability, which was classified as critical, was found in SourceCodester/oretnom23 Stock Management System 1.0. This affects an unknown part of the file /admin/?page=purchase_order/view_po of the component Purchase Order Details Page. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 06:15:00 GMT

read more

CVE-2025-4264 - PHPGurukul Emergency Ambulance Hiring Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4264
Published : May 5, 2025, 5:15 a.m. | 11 hours, 2 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/edit-ambulance.php. The manipulation of the argument dconnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 05:15:00 GMT

read more

CVE-2025-4265 - PHPGurukul Emergency Ambulance Hiring Portal SQL Injection Vulnerability

CVE ID : CVE-2025-4265
Published : May 5, 2025, 5:15 a.m. | 11 hours, 2 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/contact-us.php. The manipulation of the argument mobnum leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 05:15:00 GMT

read more

CVE-2025-4262 - "PHPGurukul Online DJ Booking Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-4262
Published : May 5, 2025, 4:16 a.m. | 12 hours, 1 minute ago
Description : A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 04:16:00 GMT

read more

CVE-2025-4263 - PHPGurukul Online DJ Booking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4263
Published : May 5, 2025, 4:16 a.m. | 12 hours, 1 minute ago
Description : A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 04:16:00 GMT

read more

CVE-2025-4261 - GAIR-NLP Factool Code Injection Vulnerability

CVE ID : CVE-2025-4261
Published : May 5, 2025, 4:15 a.m. | 12 hours, 2 minutes ago
Description : A vulnerability was found in GAIR-NLP factool up to 3f3914bc090b644be044b7e0005113c135d8b20f. It has been classified as critical. This affects the function run_single of the file factool/factool/math/tool.py. The manipulation leads to code injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 04:15:00 GMT

read more

CVE-2025-4260 - Zhangyanbo2007 Youkefu Deserialization Vulnerability

CVE ID : CVE-2025-4260
Published : May 5, 2025, 3:15 a.m. | 13 hours, 2 minutes ago
Description : A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20665 - Samsung Android SELinux Policy Missing Disclosure Vulnerability

CVE ID : CVE-2025-20665
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09555228; Issue ID: MSV-2760.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20666 - "Modem Rogue Base Station Denial of Service Vulnerability"

CVE ID : CVE-2025-20666
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20667 - Oracle Modem Information Disclosure Remote Vulnerability

CVE ID : CVE-2025-20667
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20668 - "OpenSSH SCP Out-of-Bounds Write Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20668
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20670 - Huawei Modem Certificate Validation Bypass Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-20670
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-20671 - Thermal Out-of-Bounds Write Privilege Escalation Vulnerability

CVE ID : CVE-2025-20671
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-4259 - Newbee-Mall Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4259
Published : May 5, 2025, 3:15 a.m. | 10 hours, 31 minutes ago
Description : A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 03:15:00 GMT

read more

CVE-2025-4273 - Intel UEFI Secure Boot Signature Validation Bypass

CVE ID : CVE-2025-4273
Published : May 5, 2025, 2:15 a.m. | 11 hours, 31 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 02:15:00 GMT

read more

CVE-2025-4258 - Zhangyanbo2007 Youkefu Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4258
Published : May 5, 2025, 2:15 a.m. | 8 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the function Upload of the file \youkefu-master\src\main\java\com\ukefu\webim\web\handler\resource\MediaController.java. The manipulation of the argument imgFile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 02:15:00 GMT

read more

CVE-2025-4257 - SeaCMS Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4257
Published : May 5, 2025, 1:15 a.m. | 9 hours, 10 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in SeaCMS 13.2. This issue affects some unknown processing of the file /admin_pay.php. The manipulation of the argument cstatus leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 01:15:00 GMT

read more

CVE-2025-4256 - SeaCMS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4256
Published : May 5, 2025, 1:15 a.m. | 7 hours, 10 minutes ago
Description : A vulnerability classified as problematic was found in SeaCMS 13.2. This vulnerability affects unknown code of the file /admin_paylog.php. The manipulation of the argument cstatus leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 01:15:00 GMT

read more

CVE-2025-4254 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4254
Published : May 5, 2025, 12:15 a.m. | 8 hours, 11 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 00:15:00 GMT

read more

CVE-2025-4255 - PCMan FTP Server RMD Command Handler Buffer Overflow

CVE ID : CVE-2025-4255
Published : May 5, 2025, 12:15 a.m. | 8 hours, 11 minutes ago
Description : A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RMD Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 05 May 2025 00:15:00 GMT

read more

CVE-2025-4252 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4252
Published : May 4, 2025, 11:15 p.m. | 6 hours, 29 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 23:15:00 GMT

read more

CVE-2025-4253 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4253
Published : May 4, 2025, 11:15 p.m. | 6 hours, 29 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 23:15:00 GMT

read more

CVE-2025-4251 - PCMan FTP Server Remote Buffer Overflow

CVE ID : CVE-2025-4251
Published : May 4, 2025, 10:15 p.m. | 7 hours, 29 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 22:15:00 GMT

read more

CVE-2025-4250 - Nero Social Networking Site SQL Injection Vulnerability

CVE ID : CVE-2025-4250
Published : May 4, 2025, 9:17 a.m. | 20 hours, 28 minutes ago
Description : A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument fname/lname/login/password2/cpassword/address/cnumber/email/gender/propic/month leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 09:17:00 GMT

read more

CVE-2025-4249 - PHPGurukul e-Diary Management System SQL Injection

CVE ID : CVE-2025-4249
Published : May 4, 2025, 7:15 a.m. | 22 hours, 29 minutes ago
Description : A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage-categories.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 07:15:00 GMT

read more

CVE-2025-4248 - SourceCodester Simple To-Do List System SQL Injection

CVE ID : CVE-2025-4248
Published : May 4, 2025, 6:15 a.m. | 23 hours, 30 minutes ago
Description : A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /complete_task.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 06:15:00 GMT

read more

CVE-2025-4247 - SourceCodester Simple To-Do List System SQL Injection Vulnerability

CVE ID : CVE-2025-4247
Published : May 4, 2025, 5:15 a.m. | 21 hours, 36 minutes ago
Description : A vulnerability, which was classified as critical, was found in SourceCodester Simple To-Do List System 1.0. Affected is an unknown function of the file /delete_task.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 05:15:00 GMT

read more

CVE-2025-47245 - BlueWave Checkmate Role Tampering Vulnerability

CVE ID : CVE-2025-47245
Published : May 4, 2025, 12:15 a.m. | 1 day, 2 hours ago
Description : In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 04 May 2025 00:15:00 GMT

read more

CVE-2025-47244 - Inedo ProGet C# Reflection Layer Remote Code Execution and Denial of Service

CVE ID : CVE-2025-47244
Published : May 3, 2025, 11:15 p.m. | 1 day, 3 hours ago
Description : Inedo ProGet through 2024.22 allows remote attackers to reach restricted functionality through the C# reflection layer, as demonstrated by causing a denial of service (when an attacker executes a loop calling RestartWeb) or obtaining potentially sensitive information. Exploitation can occur if Anonymous access is enabled, or if there is a successful CSRF attack.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 23:15:00 GMT

read more

CVE-2025-47241 - Apache Airflow URL Parsing Authority Component Vulnerability (CWE-20)

CVE ID : CVE-2025-47241
Published : May 3, 2025, 9:15 p.m. | 1 day, 5 hours ago
Description : In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 21:15:00 GMT

read more

CVE-2025-4244 - Code-Projects Online Bus Reservation System SQL Injection

CVE ID : CVE-2025-4244
Published : May 3, 2025, 8:15 p.m. | 1 day, 6 hours ago
Description : A vulnerability, which was classified as critical, was found in code-projects Online Bus Reservation System 1.0. This affects an unknown part of the file /seatlocation.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 20:15:00 GMT

read more

CVE-2025-1838 - IBM Cloud Pak for Business Automation Denial of Service Vulnerability

CVE ID : CVE-2025-1838
Published : May 3, 2025, 7:15 p.m. | 1 day, 7 hours ago
Description : IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 19:15:00 GMT

read more

CVE-2025-4242 - PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

CVE ID : CVE-2025-4242
Published : May 3, 2025, 7:15 p.m. | 1 day, 7 hours ago
Description : A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/between-dates-report.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 19:15:00 GMT

read more

CVE-2025-4243 - Code-projects Online Bus Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-4243
Published : May 3, 2025, 7:15 p.m. | 1 day, 7 hours ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Online Bus Reservation System 1.0. Affected by this issue is some unknown functionality of the file /print.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 19:15:00 GMT

read more

CVE-2025-4240 - PCMan FTP Server LCD Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4240
Published : May 3, 2025, 6:15 p.m. | 1 day, 8 hours ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 18:15:00 GMT

read more

CVE-2025-4241 - PHPGurukul Teacher Subject Allocation Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4241
Published : May 3, 2025, 6:15 p.m. | 1 day, 8 hours ago
Description : A vulnerability classified as critical has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 18:15:00 GMT

read more

CVE-2025-1495 - IBM Business Automation Workflow Information Disclosure Vulnerability

CVE ID : CVE-2025-1495
Published : May 3, 2025, 5:15 p.m. | 1 day, 9 hours ago
Description : IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 17:15:00 GMT

read more

CVE-2025-4238 - PCMan FTP Server MGET Command Handler Buffer Overflow

CVE ID : CVE-2025-4238
Published : May 3, 2025, 5:15 p.m. | 1 day, 9 hours ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component MGET Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 17:15:00 GMT

read more

CVE-2025-4239 - PCMan FTP Server Buffer Overflow

CVE ID : CVE-2025-4239
Published : May 3, 2025, 5:15 p.m. | 1 day, 9 hours ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component TYPE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 17:15:00 GMT

read more

CVE-2024-41753 - IBM Cloud Pak for Business Automation Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-41753
Published : May 3, 2025, 4:15 p.m. | 1 day, 8 hours ago
Description : IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF004 and 24.0.1 through 24.0.1 IF001 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 16:15:00 GMT

read more

CVE-2024-58134 - Mojolicious Default HMAC Session Secret Vulnerability

CVE ID : CVE-2024-58134
Published : May 3, 2025, 4:15 p.m. | 1 day, 8 hours ago
Description : Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default. These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 16:15:00 GMT

read more

CVE-2025-4237 - PCMan FTP Server MDELETE Command Handler Buffer Overflow

CVE ID : CVE-2025-4237
Published : May 3, 2025, 3:15 p.m. | 1 day, 9 hours ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MDELETE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 15:15:00 GMT

read more

CVE-2025-4236 - PCMan FTP Server MDIR Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4236
Published : May 3, 2025, 2:15 p.m. | 1 day, 10 hours ago
Description : A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 14:15:00 GMT

read more

CVE-2025-37799 - vmxnet3 Linux Kernel Malformed Packet Sizing Vulnerability

CVE ID : CVE-2025-37799
Published : May 3, 2025, 12:15 p.m. | 1 day, 12 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivity issues with Cilium's service load- balancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP backend service where the XDP LB was doing IPIP encap led to overly large packet sizes but only for *some* of the packets (e.g. HTTP GET request) while others (e.g. the prior TCP 3WHS) looked completely fine on the wire. In fact, the pcap recording on the backend node actually revealed that the node with the XDP LB was leaking uninitialized kernel data onto the wire for the affected packets, for example, while the packets should have been 152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes was padded with whatever other data was in that page at the time (e.g. we saw user/payload data from prior processed packets). We only noticed this through an MTU issue, e.g. when the XDP LB node and the backend node both had the same MTU (e.g. 1500) then the curl request got dropped on the backend node's NIC given the packet was too large even though the IPIP-encapped packet normally would never even come close to the MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let the curl request succeed (which also indicates that the kernel ignored the padding, and thus the issue wasn't very user-visible). Commit e127ce7699c1 ("vmxnet3: Fix missing reserved tailroom") was too eager to also switch xdp_prepare_buff() from rcd->len to rbi->len. It really needs to stick to rcd->len which is the actual packet length from the descriptor. The latter we also feed into vmxnet3_process_xdp_small(), by the way, and it indicates the correct length needed to initialize the xdp->{data,data_end} parts. For e127ce7699c1 ("vmxnet3: Fix missing reserved tailroom") the relevant part was adapting xdp_init_buff() to address the warning given the xdp_data_hard_end() depends on xdp->frame_sz. With that fixed, traffic on the wire looks good again.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 12:15:00 GMT

read more

CVE-2025-4226 - PHPGurukul Cyber Cafe Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4226
Published : May 3, 2025, 11:15 a.m. | 1 day, 13 hours ago
Description : A vulnerability classified as critical has been found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 11:15:00 GMT

read more

CVE-2024-58135 - Mojolicious Weak HMAC Session Secret Vulnerability

CVE ID : CVE-2024-58135
Published : May 3, 2025, 11:15 a.m. | 1 day, 9 hours ago
Description : Mojolicious versions from 7.28 through 9.39 for Perl may generate weak HMAC session secrets. When creating a default app with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 11:15:00 GMT

read more

CVE-2025-3815 - WordPress SurveyJS Stored Cross-Site Scripting

CVE ID : CVE-2025-3815
Published : May 3, 2025, 8:15 a.m. | 1 day, 12 hours ago
Description : The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.12.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 08:15:00 GMT

read more

CVE-2025-4222 - WordPress Database Toolset Sensitive Information Exposure

CVE ID : CVE-2025-4222
Published : May 3, 2025, 3:15 a.m. | 1 day, 17 hours ago
Description : The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from database backup files. An index file is present, so a brute force attack would need to be successful in order to compromise any data.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4199 - Abundatrade Plugin for WordPress CSRF Vulnerability

CVE ID : CVE-2025-4199
Published : May 3, 2025, 3:15 a.m. | 1 day, 5 hours ago
Description : The Abundatrade Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.02. This is due to missing or incorrect nonce validation on the 'abundatrade' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4172 - VerticalResponse WordPress Newsletter Widget Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4172
Published : May 3, 2025, 3:15 a.m. | 1 day, 1 hour ago
Description : The VerticalResponse Newsletter Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'verticalresponse' shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4188 - WordPress Advanced Reorder Image Text Slider CSRF

CVE ID : CVE-2025-4188
Published : May 3, 2025, 3:15 a.m. | 1 day, 1 hour ago
Description : The Advanced Reorder Image Text Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'reorder-simple-image-text-slider-setting' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4198 - Alink Tap Plugin for WordPress Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-4198
Published : May 3, 2025, 3:15 a.m. | 1 day, 1 hour ago
Description : The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the 'alink-tap' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-47229 - GNU PSPP Denial of Service Vulnerability

CVE ID : CVE-2025-47229
Published : May 3, 2025, 3:15 a.m. | 17 hours, 38 minutes ago
Description : libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4168 - WordPress Subpage List Stored Cross-Site Scripting

CVE ID : CVE-2025-4168
Published : May 3, 2025, 3:15 a.m. | 17 hours, 38 minutes ago
Description : The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subpages' shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-4170 - Xavin's Review Ratings Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4170
Published : May 3, 2025, 3:15 a.m. | 17 hours, 38 minutes ago
Description : The Xavin's Review Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xrr' shortcode in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2024-13738 - "Motors Car Dealer, Rental Listing WordPress Theme Shortcode Execution Vulnerability"

CVE ID : CVE-2024-13738
Published : May 3, 2025, 3:15 a.m. | 15 hours, 10 minutes ago
Description : The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. *It is unclear exactly which version the issue was patched in from the changelog. Therefore, we used the latest version at the time of verification.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-3779 - WordPress Personizely Stored Cross-Site Scripting

CVE ID : CVE-2025-3779
Published : May 3, 2025, 3:15 a.m. | 15 hours, 10 minutes ago
Description : The Personizely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘widgetId’ parameter in all versions up to, and including, 0.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-3918 - WordPress Job Listings Privilege Escalation

CVE ID : CVE-2025-3918
Published : May 3, 2025, 3:15 a.m. | 15 hours, 10 minutes ago
Description : The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 03 May 2025 03:15:00 GMT

read more

CVE-2025-46723 - OpenVM AUIPC Instruction Overflow Vulnerability

CVE ID : CVE-2025-46723
Published : May 2, 2025, 11:15 p.m. | 19 hours, 10 minutes ago
Description : OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in the if statement never being triggered because the enumeration gives i=0,1,2, when instead the enumeration should give i=1,2,3, leaving pc_limbs[3] range checked to 8-bits instead of 6-bits. This leads to a vulnerability where the pc_limbs decomposition differs from the true pc, which means a malicious prover can make the destination register take a different value than the AUIPC instruction dictates, by making the decomposition overflow the BabyBear field. This issue has been patched in version 1.1.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 23:15:00 GMT

read more

CVE-2024-55069 - FFmpeg Null Pointer Dereference in iamf_read_header

CVE ID : CVE-2024-55069
Published : May 2, 2025, 10:15 p.m. | 20 hours, 10 minutes ago
Description : ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 22:15:00 GMT

read more

CVE-2025-21572 - OpenGrok Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-21572
Published : May 2, 2025, 10:15 p.m. | 20 hours, 10 minutes ago
Description : OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 22:15:00 GMT

read more

CVE-2022-21546 - Dell SBC Null Data Buffer Access Crash Vulnerability (Denial of Service)

CVE ID : CVE-2022-21546
Published : May 2, 2025, 10:15 p.m. | 18 hours, 37 minutes ago
Description : In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_write_same --ndob" we will crash in target_core_iblock/file's execute_write_same handlers when we go to access the se_cmd->t_data_sg because its NULL. CVSS 3.1 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 22:15:00 GMT

read more

CVE-2025-4215 - "uBlock Origin Regular Expression Complexity Remote Vulnerability"

CVE ID : CVE-2025-4215
Published : May 2, 2025, 9:15 p.m. | 19 hours, 37 minutes ago
Description : A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.63.3b17 is able to address this issue. The patch is identified as eaedaf5b10d2f7857c6b77fbf7d4a80681d4d46c. It is recommended to upgrade the affected component.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 21:15:00 GMT

read more

CVE-2025-4218 - Handrew BrowserPilot GPTSeleniumAgent Code Injection Vulnerability

CVE ID : CVE-2025-4218
Published : May 2, 2025, 9:15 p.m. | 19 hours, 37 minutes ago
Description : A vulnerability was found in handrew browserpilot up to 0.2.51. It has been declared as critical. Affected by this vulnerability is the function GPTSeleniumAgent of the file browserpilot/browserpilot/agents/gpt_selenium_agent.py. The manipulation of the argument instructions leads to code injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 21:15:00 GMT

read more

CVE-2025-0782 - H2O-3 S3 Bucket Public Write Privilege Escalation Vulnerability

CVE ID : CVE-2025-0782
Published : May 2, 2025, 9:15 p.m. | 17 hours, 35 minutes ago
Description : A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability could lead to remote code execution (RCE) on any user who uses the application. Additionally, an attacker could modify the documentation to include malicious download links.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 21:15:00 GMT

read more

CVE-2025-47226 - Grokability Snipe-IT Authorization Bypass

CVE ID : CVE-2025-47226
Published : May 2, 2025, 9:15 p.m. | 17 hours, 35 minutes ago
Description : Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 21:15:00 GMT

read more

CVE-2025-4214 - PHPGuruku Online DJ Booking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4214
Published : May 2, 2025, 8:15 p.m. | 18 hours, 35 minutes ago
Description : A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 20:15:00 GMT

read more

CVE-2024-58253 - Obfstr Crate Invalid UTF-8 Conversion Vulnerability

CVE ID : CVE-2024-58253
Published : May 2, 2025, 8:15 p.m. | 16 hours, 36 minutes ago
Description : In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 20:15:00 GMT

read more

CVE-2025-4213 - PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

CVE ID : CVE-2025-4213
Published : May 2, 2025, 6:15 p.m. | 16 hours, 10 minutes ago
Description : A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 18:15:00 GMT

read more

CVE-2025-45800 - TOTOLINK A950RG Remote Command Execution

CVE ID : CVE-2025-45800
Published : May 2, 2025, 5:15 p.m. | 17 hours, 9 minutes ago
Description : TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing of the deviceMac parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 17:15:00 GMT

read more

CVE-2025-46332 - Vercel Flags SDK Information Disclosure

CVE ID : CVE-2025-46332
Published : May 2, 2025, 5:15 p.m. | 17 hours, 9 minutes ago
Description : Flags SDK is an open-source feature flags toolkit for Next.js and SvelteKit. Impacted versions include flags from 3.2.0 and prior and @vercel/flags from 3.1.1 and prior as certain circumstances allows a bad actor with detailed knowledge of the vulnerability to list all flags returned by the flags discovery endpoint (.well-known/vercel/flags). This vulnerability allows for information disclosure, where a bad actor could gain access to a list of all feature flags exposed through the flags discovery endpoint, including the flag names, flag descriptions, available options and their labels (e.g. true, false), and default flag values. This issue has been patched in flags@4.0.0, users of flags and @vercel/flags should also migrate to flags@4.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 17:15:00 GMT

read more

CVE-2025-3879 - Vault Azure Auth Token Validation Bypass

CVE ID : CVE-2025-3879
Published : May 2, 2025, 5:15 p.m. | 13 hours, 34 minutes ago
Description : Vault Community, Vault Enterprise (“Vault”) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_locations parameter on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14, 1.16.18.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 17:15:00 GMT

read more

CVE-2023-53135 - Riscv Linux Kernel Stack Out-of-Bounds Vulnerability

CVE ID : CVE-2023-53135
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode When CONFIG_FRAME_POINTER is unset, the stack unwinding function walk_stackframe randomly reads the stack and then, when KASAN is enabled, it can lead to the following backtrace: [ 0.000000] ================================================================== [ 0.000000] BUG: KASAN: stack-out-of-bounds in walk_stackframe+0xa6/0x11a [ 0.000000] Read of size 8 at addr ffffffff81807c40 by task swapper/0 [ 0.000000] [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-12919-g24203e6db61f #43 [ 0.000000] Hardware name: riscv-virtio,qemu (DT) [ 0.000000] Call Trace: [ 0.000000] [] walk_stackframe+0x0/0x11a [ 0.000000] [] init_param_lock+0x26/0x2a [ 0.000000] [] walk_stackframe+0xa2/0x11a [ 0.000000] [] dump_stack_lvl+0x22/0x36 [ 0.000000] [] print_report+0x198/0x4a8 [ 0.000000] [] init_param_lock+0x26/0x2a [ 0.000000] [] walk_stackframe+0xa2/0x11a [ 0.000000] [] kasan_report+0x9a/0xc8 [ 0.000000] [] walk_stackframe+0xa2/0x11a [ 0.000000] [] walk_stackframe+0xa2/0x11a [ 0.000000] [] desc_make_final+0x80/0x84 [ 0.000000] [] stack_trace_save+0x88/0xa6 [ 0.000000] [] filter_irq_stacks+0x72/0x76 [ 0.000000] [] devkmsg_read+0x32a/0x32e [ 0.000000] [] kasan_save_stack+0x28/0x52 [ 0.000000] [] desc_make_final+0x7c/0x84 [ 0.000000] [] stack_trace_save+0x84/0xa6 [ 0.000000] [] kasan_set_track+0x12/0x20 [ 0.000000] [] __kasan_slab_alloc+0x58/0x5e [ 0.000000] [] __kmem_cache_create+0x21e/0x39a [ 0.000000] [] create_boot_cache+0x70/0x9c [ 0.000000] [] kmem_cache_init+0x6c/0x11e [ 0.000000] [] mm_init+0xd8/0xfe [ 0.000000] [] start_kernel+0x190/0x3ca [ 0.000000] [ 0.000000] The buggy address belongs to stack of task swapper/0 [ 0.000000] and is located at offset 0 in frame: [ 0.000000] stack_trace_save+0x0/0xa6 [ 0.000000] [ 0.000000] This frame has 1 object: [ 0.000000] [32, 56) 'c' [ 0.000000] [ 0.000000] The buggy address belongs to the physical page: [ 0.000000] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x81a07 [ 0.000000] flags: 0x1000(reserved|zone=0) [ 0.000000] raw: 0000000000001000 ff600003f1e3d150 ff600003f1e3d150 0000000000000000 [ 0.000000] raw: 0000000000000000 0000000000000000 00000001ffffffff [ 0.000000] page dumped because: kasan: bad access detected [ 0.000000] [ 0.000000] Memory state around the buggy address: [ 0.000000] ffffffff81807b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0.000000] ffffffff81807b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0.000000] >ffffffff81807c00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f3 [ 0.000000] ^ [ 0.000000] ffffffff81807c80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 0.000000] ffffffff81807d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0.000000] ================================================================== Fix that by using READ_ONCE_NOCHECK when reading the stack in imprecise mode.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53136 - Linux af_unix Struct PID Leak Vulnerability

CVE ID : CVE-2023-53136
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: af_unix: fix struct pid leaks in OOB support syzbot reported struct pid leak [1]. Issue is that queue_oob() calls maybe_add_creds() which potentially holds a reference on a pid. But skb->destructor is not set (either directly or by calling unix_scm_to_skb()) This means that subsequent kfree_skb() or consume_skb() would leak this reference. In this fix, I chose to fully support scm even for the OOB message. [1] BUG: memory leak unreferenced object 0xffff8881053e7f80 (size 128): comm "syz-executor242", pid 5066, jiffies 4294946079 (age 13.220s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] alloc_pid+0x6a/0x560 kernel/pid.c:180 [] copy_process+0x169f/0x26c0 kernel/fork.c:2285 [] kernel_clone+0xf7/0x610 kernel/fork.c:2684 [] __do_sys_clone+0x7c/0xb0 kernel/fork.c:2825 [] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 [] entry_SYSCALL_64_after_hwframe+0x63/0xcd
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53137 - Linux Kernel Ext4 Directory Corruption Vulnerability

CVE ID : CVE-2023-53137
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified and even converted from the inline format to the normal format. When such race happens the rename code gets confused and we crash. Fix the problem by locking the moved directory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53138 - Cisco CAIF Use-After-Free Vulnerability

CVE ID : CVE-2023-53138
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbl_device_notify() syzbot reported use-after-free in cfusbl_device_notify() [1]. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 Read of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214 CPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313 print_report mm/kasan/report.c:429 [inline] kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491 cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 notifier_call_chain+0xb5/0x200 kernel/notifier.c:87 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945 call_netdevice_notifiers_extack net/core/dev.c:1983 [inline] call_netdevice_notifiers net/core/dev.c:1997 [inline] netdev_wait_allrefs_any net/core/dev.c:10227 [inline] netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341 default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334 ops_exit_list+0x125/0x170 net/core/net_namespace.c:167 cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594 process_one_work+0x996/0x1610 kernel/workqueue.c:2289 worker_thread+0x665/0x1080 kernel/workqueue.c:2436 kthread+0x2e9/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302 When unregistering a net device, unregister_netdevice_many_notify() sets the device's reg_state to NETREG_UNREGISTERING, calls notifiers with NETDEV_UNREGISTER, and adds the device to the todo list. Later on, devices in the todo list are processed by netdev_run_todo(). netdev_run_todo() waits devices' reference count become 1 while rebdoadcasting NETDEV_UNREGISTER notification. When cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple times, the parent device might be freed. This could cause UAF. Processing NETDEV_UNREGISTER multiple times also causes inbalance of reference count for the module. This patch fixes the issue by accepting only first NETDEV_UNREGISTER notification.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53139 - Linux Kernel NFC fdp Null Pointer Dereference

CVE ID : CVE-2023-53139
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53140 - "Linux Kernel SCSI Core /proc/scsi Directory Removal Vulnerability"

CVE ID : CVE-2023-53140
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06 ("[SCSI] fix /proc memory leak in the SCSI core"). Fix the following kernel warning: proc_dir_entry 'scsi/scsi_debug' already registered WARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0 Call Trace: proc_mkdir+0xb5/0xe0 scsi_proc_hostdir_add+0xb5/0x170 scsi_host_alloc+0x683/0x6c0 sdebug_driver_probe+0x6b/0x2d0 [scsi_debug] really_probe+0x159/0x540 __driver_probe_device+0xdc/0x230 driver_probe_device+0x4f/0x120 __device_attach_driver+0xef/0x180 bus_for_each_drv+0xe5/0x130 __device_attach+0x127/0x290 device_initial_probe+0x17/0x20 bus_probe_device+0x110/0x130 device_add+0x673/0xc80 device_register+0x1e/0x30 sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug] scsi_debug_init+0x64f/0x1000 [scsi_debug] do_one_initcall+0xd7/0x470 do_init_module+0xe7/0x330 load_module+0x122a/0x12c0 __do_sys_finit_module+0x124/0x1a0 __x64_sys_finit_module+0x46/0x50 do_syscall_64+0x38/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53141 - Intel Ila Netlink Vulnerability

CVE ID : CVE-2023-53141
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() ila_xlat_nl_cmd_get_mapping() generates an empty skb, triggerring a recent sanity check [1]. Instead, return an error code, so that user space can get it. [1] skb_assert_len WARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 skb_assert_len include/linux/skbuff.h:2527 [inline] WARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 Modules linked in: CPU: 0 PID: 5923 Comm: syz-executor269 Not tainted 6.2.0-syzkaller-18300-g2ebd1fbb946d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skb_assert_len include/linux/skbuff.h:2527 [inline] pc : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 lr : skb_assert_len include/linux/skbuff.h:2527 [inline] lr : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 sp : ffff80001e0d6c40 x29: ffff80001e0d6e60 x28: dfff800000000000 x27: ffff0000c86328c0 x26: dfff800000000000 x25: ffff0000c8632990 x24: ffff0000c8632a00 x23: 0000000000000000 x22: 1fffe000190c6542 x21: ffff0000c8632a10 x20: ffff0000c8632a00 x19: ffff80001856e000 x18: ffff80001e0d5fc0 x17: 0000000000000000 x16: ffff80001235d16c x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001 x11: ff80800008353a30 x10: 0000000000000000 x9 : 21567eaf25bfb600 x8 : 21567eaf25bfb600 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80001e0d6558 x4 : ffff800015c74760 x3 : ffff800008596744 x2 : 0000000000000001 x1 : 0000000100000000 x0 : 000000000000000e Call trace: skb_assert_len include/linux/skbuff.h:2527 [inline] __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156 dev_queue_xmit include/linux/netdevice.h:3033 [inline] __netlink_deliver_tap_skb net/netlink/af_netlink.c:307 [inline] __netlink_deliver_tap+0x45c/0x6f8 net/netlink/af_netlink.c:325 netlink_deliver_tap+0xf4/0x174 net/netlink/af_netlink.c:338 __netlink_sendskb net/netlink/af_netlink.c:1283 [inline] netlink_sendskb+0x6c/0x154 net/netlink/af_netlink.c:1292 netlink_unicast+0x334/0x8d4 net/netlink/af_netlink.c:1380 nlmsg_unicast include/net/netlink.h:1099 [inline] genlmsg_unicast include/net/genetlink.h:433 [inline] genlmsg_reply include/net/genetlink.h:443 [inline] ila_xlat_nl_cmd_get_mapping+0x620/0x7d0 net/ipv6/ila/ila_xlat.c:493 genl_family_rcv_msg_doit net/netlink/genetlink.c:968 [inline] genl_family_rcv_msg net/netlink/genetlink.c:1048 [inline] genl_rcv_msg+0x938/0xc1c net/netlink/genetlink.c:1065 netlink_rcv_skb+0x214/0x3c4 net/netlink/af_netlink.c:2574 genl_rcv+0x38/0x50 net/netlink/genetlink.c:1076 netlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline] netlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1365 netlink_sendmsg+0x800/0xae0 net/netlink/af_netlink.c:1942 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg net/socket.c:734 [inline] ____sys_sendmsg+0x558/0x844 net/socket.c:2479 ___sys_sendmsg net/socket.c:2533 [inline] __sys_sendmsg+0x26c/0x33c net/socket.c:2562 __do_sys_sendmsg net/socket.c:2571 [inline] __se_sys_sendmsg net/socket.c:2569 [inline] __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2569 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:193 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 irq event stamp: 136484 hardirqs last enabled at (136483): [] __up_console_sem+0x60/0xb4 kernel/printk/printk.c:345 hardirqs last disabled at (136484): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (136418): [] softirq_ha ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53142 - "Ice: Buffer Overflow in ice_get_module_eeprom()"

CVE ID : CVE-2023-53142
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement module reads used by ethtool") In this refactor, ice_get_module_eeprom() reads the eeprom in blocks of size 8. But the condition that should protect the buffer overflow ignores the last block. The last block always contains zeros. Bug uncovered by ethtool upstream commit 9538f384b535 ("netlink: eeprom: Defer page requests to individual parsers") After this commit, ethtool reads a block with length = 1; to read the SFF-8024 identifier value. unpatched driver: $ ethtool -m enp65s0f0np0 offset 0x90 length 8 Offset Values ------ ------ 0x0090: 00 00 00 00 00 00 00 00 $ ethtool -m enp65s0f0np0 offset 0x90 length 12 Offset Values ------ ------ 0x0090: 00 00 01 a0 4d 65 6c 6c 00 00 00 00 $ $ ethtool -m enp65s0f0np0 Offset Values ------ ------ 0x0000: 11 06 06 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 08 00 0x0070: 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 patched driver: $ ethtool -m enp65s0f0np0 offset 0x90 length 8 Offset Values ------ ------ 0x0090: 00 00 01 a0 4d 65 6c 6c $ ethtool -m enp65s0f0np0 offset 0x90 length 12 Offset Values ------ ------ 0x0090: 00 00 01 a0 4d 65 6c 6c 61 6e 6f 78 $ ethtool -m enp65s0f0np0 Identifier : 0x11 (QSFP28) Extended identifier : 0x00 Extended identifier description : 1.5W max. Power consumption Extended identifier description : No CDR in TX, No CDR in RX Extended identifier description : High Power Class (> 3.5 W) not enabled Connector : 0x23 (No separable connector) Transceiver codes : 0x88 0x00 0x00 0x00 0x00 0x00 0x00 0x00 Transceiver type : 40G Ethernet: 40G Base-CR4 Transceiver type : 25G Ethernet: 25G Base-CR CA-N Encoding : 0x05 (64B/66B) BR, Nominal : 25500Mbps Rate identifier : 0x00 Length (SMF,km) : 0km Length (OM3 50um) : 0m Length (OM2 50um) : 0m Length (OM1 62.5um) : 0m Length (Copper or Active cable) : 1m Transmitter technology : 0xa0 (Copper cable unequalized) Attenuation at 2.5GHz : 4db Attenuation at 5.0GHz : 5db Attenuation at 7.0GHz : 7db Attenuation at 12.9GHz : 10db ........ ....
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53143 - "Ext4 Linux Kernel Off-by-One Error in fsmap Handling"

CVE ID : CVE-2023-53143
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmap_head cmd = { .fmh_count = ...; .fmh_keys = { { .fmr_device = /* ext4 dev */, .fmr_physical = 0, }, { .fmr_device = /* ext4 dev */, .fmr_physical = 0, }, }, ... }; ret = ioctl(fd, FS_IOC_GETFSMAP, &cmd); Produces this crash if the underlying filesystem is a 1k-block ext4 filesystem: kernel BUG at fs/ext4/ext4.h:3331! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 3 PID: 3227965 Comm: xfs_io Tainted: G W O 6.2.0-rc8-achx Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:ext4_mb_load_buddy_gfp+0x47c/0x570 [ext4] RSP: 0018:ffffc90007c03998 EFLAGS: 00010246 RAX: ffff888004978000 RBX: ffffc90007c03a20 RCX: ffff888041618000 RDX: 0000000000000000 RSI: 00000000000005a4 RDI: ffffffffa0c99b11 RBP: ffff888012330000 R08: ffffffffa0c2b7d0 R09: 0000000000000400 R10: ffffc90007c03950 R11: 0000000000000000 R12: 0000000000000001 R13: 00000000ffffffff R14: 0000000000000c40 R15: ffff88802678c398 FS: 00007fdf2020c880(0000) GS:ffff88807e100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffd318a5fe8 CR3: 000000007f80f001 CR4: 00000000001706e0 Call Trace: ext4_mballoc_query_range+0x4b/0x210 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] ext4_getfsmap_datadev+0x713/0x890 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] ext4_getfsmap+0x2b7/0x330 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] ext4_ioc_getfsmap+0x153/0x2b0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] __ext4_ioctl+0x2a7/0x17e0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80] __x64_sys_ioctl+0x82/0xa0 do_syscall_64+0x2b/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 RIP: 0033:0x7fdf20558aff RSP: 002b:00007ffd318a9e30 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00000000000200c0 RCX: 00007fdf20558aff RDX: 00007fdf1feb2010 RSI: 00000000c0c0583b RDI: 0000000000000003 RBP: 00005625c0634be0 R08: 00005625c0634c40 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf1feb2010 R13: 00005625be70d994 R14: 0000000000000800 R15: 0000000000000000 For GETFSMAP calls, the caller selects a physical block device by writing its block number into fsmap_head.fmh_keys[01].fmr_device. To query mappings for a subrange of the device, the starting byte of the range is written to fsmap_head.fmh_keys[0].fmr_physical and the last byte of the range goes in fsmap_head.fmh_keys[1].fmr_physical. IOWs, to query what mappings overlap with bytes 3-14 of /dev/sda, you'd set the inputs as follows: fmh_keys[0] = { .fmr_device = major(8, 0), .fmr_physical = 3}, fmh_keys[1] = { .fmr_device = major(8, 0), .fmr_physical = 14}, Which would return you whatever is mapped in the 12 bytes starting at physical offset 3. The crash is due to insufficient range validation of keys[1] in ext4_getfsmap_datadev. On 1k-block filesystems, block 0 is not part of the filesystem, which means that s_first_data_block is nonzero. ext4_get_group_no_and_offset subtracts this quantity from the blocknr argument before cracking it into a group number and a block number within a group. IOWs, block group 0 spans blocks 1-8192 (1-based) instead of 0-8191 (0-based) like what happens with larger blocksizes. The net result of this encoding is that blocknr < s_first_data_block is not a valid input to this function. The end_fsb variable is set from the keys that are copied from userspace, which means that in the above example, its value is zero. That leads to an underflow here: blocknr = blocknr - le32_to_cpu(es->s_first_data_block); The division then operates on -1: offset = do_div(blocknr, EXT4_BLOCKS_PER_GROUP(sb)) >> EXT4_SB(sb)->s_cluster_bits; Leaving an impossibly large group number (2^32-1) in blocknr. ext4_getfsmap_check_keys checked that keys[0 ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53144 - Linux Kernel erofs LZMA HIGHMEM NULL Pointer Dereference Vulnerability

CVE ID : CVE-2023-53144
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted 6.2.0-rc5 #4 Workqueue: erofs_worker z_erofs_decompressqueue_work EIP: z_erofs_lzma_decompress+0x34b/0x8ac z_erofs_decompress+0x12/0x14 z_erofs_decompress_queue+0x7e7/0xb1c z_erofs_decompressqueue_work+0x32/0x60 process_one_work+0x24b/0x4d8 ? process_one_work+0x1a4/0x4d8 worker_thread+0x14c/0x3fc kthread+0xe6/0x10c ? rescuer_thread+0x358/0x358 ? kthread_complete_and_exit+0x18/0x18 ret_from_fork+0x1c/0x28 ---[ end trace 0000000000000000 ]--- The bug is trivial and should be fixed now. It has no impact on !HIGHMEM platforms.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2025-4210 - Casdoor SCIM User Creation Endpoint Authorization Bypass Vulnerability

CVE ID : CVE-2025-4210
Published : May 2, 2025, 4:15 p.m. | 10 hours, 34 minutes ago
Description : A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgrading to version 1.812.0 is able to address this issue. The name of the patch is 3d12ac8dc2282369296c3386815c00a06c6a92fe. It is recommended to upgrade the affected component.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53127 - Linux Kernel SCSI MPI3MR Resource Leak Vulnerability

CVE ID : CVE-2023-53127
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove() Add a missing resource clean up in .remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53128 - "IBM Storage Media Initiator (MPI) 3.0.x Memory Leak Vulnerability"

CVE ID : CVE-2023-53128
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53129 - Linux Kernel - ext4 Directory Rename Deadlock Vulnerability

CVE ID : CVE-2023-53129
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having transactions started as the proper lock ordering used by all directory handling operations is i_rwsem -> transaction start. Fix the lock ordering by moving the locking of the directory earlier in ext4_rename().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53130 - Linux Kernel Block Device Exclusivity Leak

CVE ID : CVE-2023-53130
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: block: fix wrong mode for blkdev_put() from disk_scan_partitions() If disk_scan_partitions() is called with 'FMODE_EXCL', blkdev_get_by_dev() will be called without 'FMODE_EXCL', however, follow blkdev_put() is still called with 'FMODE_EXCL', which will cause 'bd_holders' counter to leak. Fix the problem by using the right mode for blkdev_put().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53131 - SunRPC Thread Shutdown Leak

CVE ID : CVE-2023-53131
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53132 - "Mellanox MPI3MR Linux Kernel Memory Leak"

CVE ID : CVE-2023-53132
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() Free mpi3mr_hba_port at .remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53133 - Apache Linux bpf Infinite Loop Vulnerability

CVE ID : CVE-2023-53133
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU#3 stuck for 27s! [a.out:6149] CPU: 3 PID: 6149 Comm: a.out Kdump: loaded Not tainted 6.2.0+ #30 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:remove_wait_queue+0xb/0xc0 Code: 5e 41 5f c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 57 <41> 56 41 55 41 54 55 48 89 fd 53 48 89 f3 4c 8d 6b 18 4c 8d 73 20 RSP: 0018:ffff88811b5978b8 EFLAGS: 00000246 RAX: 0000000000000000 RBX: ffff88811a7d3780 RCX: ffffffffb7a4d768 RDX: dffffc0000000000 RSI: ffff88811b597908 RDI: ffff888115408040 RBP: 1ffff110236b2f1b R08: 0000000000000000 R09: ffff88811a7d37e7 R10: ffffed10234fa6fc R11: 0000000000000001 R12: ffff88811179b800 R13: 0000000000000001 R14: ffff88811a7d38a8 R15: ffff88811a7d37e0 FS: 00007f6fb5398740(0000) GS:ffff888237180000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000000 CR3: 000000010b6ba002 CR4: 0000000000370ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: tcp_msg_wait_data+0x279/0x2f0 tcp_bpf_recvmsg_parser+0x3c6/0x490 inet_recvmsg+0x280/0x290 sock_recvmsg+0xfc/0x120 ____sys_recvmsg+0x160/0x3d0 ___sys_recvmsg+0xf0/0x180 __sys_recvmsg+0xea/0x1a0 do_syscall_64+0x3f/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc The logic in tcp_bpf_recvmsg_parser is as follows: msg_bytes_ready: copied = sk_msg_recvmsg(sk, psock, msg, len, flags); if (!copied) { wait data; goto msg_bytes_ready; } In this case, "copied" always is 0, the infinite loop occurs. According to the Linux system call man page, 0 should be returned in this case. Therefore, in tcp_bpf_recvmsg_parser(), if the length is 0, directly return. Also modify several other functions with the same problem.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53134 - "Broadcom bnxt_en Linux kernel Memory Allocation Vulnerability"

CVE ID : CVE-2023-53134
Published : May 2, 2025, 4:15 p.m. | 4 hours, 31 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the amount of memory we allocate is order-5 on systems using 4K pages. Memory allocation failure has been reported: NetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 CPU: 15 PID: 2995 Comm: NetworkManager Kdump: loaded Not tainted 5.10.156 #1 Hardware name: Dell Inc. PowerEdge R660/0M1CC5, BIOS 0.2.25 08/12/2022 Call Trace: dump_stack+0x57/0x6e warn_alloc.cold.120+0x7b/0xdd ? _cond_resched+0x15/0x30 ? __alloc_pages_direct_compact+0x15f/0x170 __alloc_pages_slowpath.constprop.108+0xc58/0xc70 __alloc_pages_nodemask+0x2d0/0x300 kmalloc_order+0x24/0xe0 kmalloc_order_trace+0x19/0x80 bnxt_alloc_mem+0x1150/0x15c0 [bnxt_en] ? bnxt_get_func_stat_ctxs+0x13/0x60 [bnxt_en] __bnxt_open_nic+0x12e/0x780 [bnxt_en] bnxt_open+0x10b/0x240 [bnxt_en] __dev_open+0xe9/0x180 __dev_change_flags+0x1af/0x220 dev_change_flags+0x21/0x60 do_setlink+0x35c/0x1100 Instead of allocating this big chunk of memory and dividing it up for the concurrent TPA instances, allocate each small chunk separately for each TPA instance. This will reduce it to order-0 allocations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53125 - "Linux Kernel SMSc75xx Network Stack Buffer Overflow"

CVE ID : CVE-2023-53125
Published : May 2, 2025, 4:15 p.m. | 2 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network stack will leak kernel memory contents.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53126 - Linux Kernel SCSI MPI3MR Memory Leak

CVE ID : CVE-2023-53126
Published : May 2, 2025, 4:15 p.m. | 2 hours, 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() Free mrioc->sas_hba.phy at .remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53121 - Linux Kernel TCP Information Disclosure Vulnerability

CVE ID : CVE-2023-53121
Published : May 2, 2025, 4:15 p.m. | 30 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_make_synack() can be called from process context tcp_rtx_synack() now could be called in process context as explained in 0a375c822497 ("tcp: tcp_rtx_synack() can be called from process context"). tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU variables with preemption enabled. This causes the following BUG: BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464 caller is tcp_make_synack+0x841/0xac0 Call Trace: dump_stack_lvl+0x10d/0x1a0 check_preemption_disabled+0x104/0x110 tcp_make_synack+0x841/0xac0 tcp_v6_send_synack+0x5c/0x450 tcp_rtx_synack+0xeb/0x1f0 inet_rtx_syn_ack+0x34/0x60 tcp_check_req+0x3af/0x9e0 tcp_rcv_state_process+0x59b/0x2030 tcp_v6_do_rcv+0x5f5/0x700 release_sock+0x3a/0xf0 tcp_sendmsg+0x33/0x40 ____sys_sendmsg+0x2f2/0x490 __sys_sendmsg+0x184/0x230 do_syscall_64+0x3d/0x90 Avoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use TCP_INC_STATS() which is safe to be called from context switch.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53122 - RISC-V SiFive Errata Patching Mutex Vulnerability

CVE ID : CVE-2023-53122
Published : May 2, 2025, 4:15 p.m. | 30 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: RISC-V: fix taking the text_mutex twice during sifive errata patching Chris pointed out that some bonehead, *cough* me *cough*, added two mutex_locks() to the SiFive errata patching. The second was meant to have been a mutex_unlock(). This results in errors such as Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030 Oops [#1] Modules linked in: CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-rc1-starlight-00079-g9493e6f3ce02 #229 Hardware name: BeagleV Starlight Beta (DT) epc : __schedule+0x42/0x500 ra : schedule+0x46/0xce epc : ffffffff8065957c ra : ffffffff80659a80 sp : ffffffff81203c80 gp : ffffffff812d50a0 tp : ffffffff8120db40 t0 : ffffffff81203d68 t1 : 0000000000000001 t2 : 4c45203a76637369 s0 : ffffffff81203cf0 s1 : ffffffff8120db40 a0 : 0000000000000000 a1 : ffffffff81213958 a2 : ffffffff81213958 a3 : 0000000000000000 a4 : 0000000000000000 a5 : ffffffff80a1bd00 a6 : 0000000000000000 a7 : 0000000052464e43 s2 : ffffffff8120db41 s3 : ffffffff80a1ad00 s4 : 0000000000000000 s5 : 0000000000000002 s6 : ffffffff81213938 s7 : 0000000000000000 s8 : 0000000000000000 s9 : 0000000000000001 s10: ffffffff812d7204 s11: ffffffff80d3c920 t3 : 0000000000000001 t4 : ffffffff812e6dd7 t5 : ffffffff812e6dd8 t6 : ffffffff81203bb8 status: 0000000200000100 badaddr: 0000000000000030 cause: 000000000000000d [] schedule+0x46/0xce [] schedule_preempt_disabled+0x16/0x28 [] __mutex_lock.constprop.0+0x3fe/0x652 [] __mutex_lock_slowpath+0xe/0x16 [] mutex_lock+0x42/0x4c [] sifive_errata_patch_func+0xf6/0x18c [] _apply_alternatives+0x74/0x76 [] apply_boot_alternatives+0x3c/0xfa [] setup_arch+0x60c/0x640 [] start_kernel+0x8e/0x99c ---[ end trace 0000000000000000 ]--- [Palmer: pick up Geert's bug report from the thread]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53123 - Linux Kernel PCI s390 Use-After-Free Vulnerability

CVE ID : CVE-2023-53123
Published : May 2, 2025, 4:15 p.m. | 30 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device VFs may be removed and later re-added. In commit a50297cf8235 ("s390/pci: separate zbus creation from scanning") it was missed however that struct pci_bus and struct zpci_bus's resource list retained a reference to the PCI functions MMIO resources even though those resources are released and freed on hot-unplug. These stale resources may subsequently be claimed when the PCI function re-appears resulting in use-after-free. One idea of fixing this use-after-free in s390 specific code that was investigated was to simply keep resources around from the moment a PCI function first appeared until the whole virtual PCI bus created for a multi-function device disappears. The problem with this however is that due to the requirement of artificial MMIO addreesses (address cookies) extra logic is then needed to keep the address cookies compatible on re-plug. At the same time the MMIO resources semantically belong to the PCI function so tying their lifecycle to the function seems more logical. Instead a simpler approach is to remove the resources of an individually hot-unplugged PCI function from the PCI bus's resource list while keeping the resources of other PCI functions on the PCI bus untouched. This is done by introducing pci_bus_remove_resource() to remove an individual resource. Similarly the resource also needs to be removed from the struct zpci_bus's resource list. It turns out however, that there is really no need to add the MMIO resources to the struct zpci_bus's resource list at all and instead we can simply use the zpci_bar_struct's resource pointer directly.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2023-53124 - MPT3SAS NULL Pointer Access Vulnerability

CVE ID : CVE-2023-53124
Published : May 2, 2025, 4:15 p.m. | 30 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 16:15:00 GMT

read more

CVE-2025-2605 - Honeywell MB-Secure OS Command Injection Vulnerability

CVE ID : CVE-2025-2605
Published : May 2, 2025, 1:15 p.m. | 1 hour, 9 minutes ago
Description : Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 13:15:00 GMT

read more

CVE-2025-4204 - WordPress Ultimate Auction Pro SQL Injection Vulnerability

CVE ID : CVE-2025-4204
Published : May 2, 2025, 1:15 p.m. | 1 hour, 9 minutes ago
Description : The Ultimate Auction Pro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 13:15:00 GMT

read more

CVE-2025-2421 - Profelis Informatics SambaBox Code Injection Vulnerability

CVE ID : CVE-2025-2421
Published : May 2, 2025, 12:15 p.m. | 2 hours, 10 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects SambaBox: before 5.1.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 12:15:00 GMT

read more

CVE-2025-2488 - Profelis Informatics SambaBox Cross-Site Scripting (XSS)

CVE ID : CVE-2025-2488
Published : May 2, 2025, 12:15 p.m. | 2 hours, 10 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting (XSS).This issue affects SambaBox: before 5.1.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 12:15:00 GMT

read more

CVE-2025-1301 - Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-1301
Published : May 2, 2025, 11:15 a.m. | 3 hours, 9 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation System allows Reflected XSS.This issue affects Library Automation System: before 21.6.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 11:15:00 GMT

read more

CVE-2025-0072 - Arm Ltd Valhall GPU Kernel Driver After Free Vulnerability

CVE ID : CVE-2025-0072
Published : May 2, 2025, 10:15 a.m. | 4 hours, 10 minutes ago
Description : Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 10:15:00 GMT

read more

CVE-2025-0427 - Arm Ltd Bifrost GPU, Valhall GPU, Arm 5th Gen GPU Architecture After Free Information Disclosure

CVE ID : CVE-2025-0427
Published : May 2, 2025, 10:15 a.m. | 4 hours, 10 minutes ago
Description : Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 10:15:00 GMT

read more

CVE-2025-2812 - Mydata Informatics Ticket Sales Automation SQL Injection

CVE ID : CVE-2025-2812
Published : May 2, 2025, 9:15 a.m. | 5 hours, 10 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 09:15:00 GMT

read more

CVE-2024-11142 - Gosoft Software Proticaret E-Commerce CSRF Vulnerability

CVE ID : CVE-2024-11142
Published : May 2, 2025, 8:15 a.m. | 6 hours, 10 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery.This issue affects Proticaret E-Commerce: before v6.0 NOTE: According to the vendor, fixing process is still ongoing for v4.05.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 08:15:00 GMT

read more

CVE-2024-13858 - Buddyboss Platform Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-13858
Published : May 2, 2025, 7:15 a.m. | 7 hours, 9 minutes ago
Description : The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.41.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 07:15:00 GMT

read more

CVE-2024-13859 - Buddyboss WordPress Stored Cross-Site Scripting

CVE ID : CVE-2024-13859
Published : May 2, 2025, 7:15 a.m. | 7 hours, 9 minutes ago
Description : The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.41.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 07:15:00 GMT

read more

CVE-2024-13860 - Buddyboss WordPress Stored Cross-Site Scripting

CVE ID : CVE-2024-13860
Published : May 2, 2025, 7:15 a.m. | 7 hours, 9 minutes ago
Description : The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.41.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 07:15:00 GMT

read more

CVE-2025-3438 - WordPress WCFM Marketplace MStore API Privilege Escalation

CVE ID : CVE-2025-3438
Published : May 2, 2025, 6:15 a.m. | 8 hours, 9 minutes ago
Description : The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 4.17.4. This is due to a lack of restriction of role when registering. This makes it possible for unauthenticated attackers to to register with the 'wcfm_vendor' role, which is a Store Vendor role in the WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress. The vulnerability can only be exploited if the WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin is installed and activated. The vulnerability was partially patched in version 4.17.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 06:15:00 GMT

read more

CVE-2025-3488 - WordPress WPML Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3488
Published : May 2, 2025, 6:15 a.m. | 8 hours, 9 minutes ago
Description : The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpml_language_switcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 06:15:00 GMT

read more

CVE-2025-3513 - "SureForms WordPress Stored Cross-Site Scripting"

CVE ID : CVE-2025-3513
Published : May 2, 2025, 6:15 a.m. | 8 hours, 9 minutes ago
Description : The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 06:15:00 GMT

read more

CVE-2025-3514 - "SureForms WordPress Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3514
Published : May 2, 2025, 6:15 a.m. | 8 hours, 9 minutes ago
Description : The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 06:15:00 GMT

read more

CVE-2025-47201 - Intrexx Portal Server Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47201
Published : May 2, 2025, 6:15 a.m. | 8 hours, 9 minutes ago
Description : In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code in HTML, aka XSS.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 06:15:00 GMT

read more

CVE-2025-1326 - Homey WordPress Missing Capability Check Data Deletion Vulnerability

CVE ID : CVE-2025-1326
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The Homey theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the homey_reservation_del() function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary reservations and posts.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-1327 - "Homey WordPress Theme Insecure Direct Object Reference Vulnerability"

CVE ID : CVE-2025-1327
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other user's accounts.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3510 - TagDiv Composer WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3510
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3707 - Sunnet eHDR CTMS SQL Injection

CVE ID : CVE-2025-3707
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3708 - Le-Yan Le-Show Medical SQL Injection Vulnerability

CVE ID : CVE-2025-3708
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3709 - Agentflow from Flowring Technology Account Lockout Bypass Vulnerability

CVE ID : CVE-2025-3709
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3748 - WordPress Taxonomy Chain Menu Stored Cross-Site Scripting

CVE ID : CVE-2025-3748
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pn_chain_menu shortcode in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-3858 - WordPress Formality Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3858
Published : May 2, 2025, 4:15 a.m. | 10 hours, 9 minutes ago
Description : The Formality plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-13419 - WordPress Smart Framework Stored Cross-Site Scripting

CVE ID : CVE-2024-13419
Published : May 2, 2025, 4:15 a.m. | 8 hours, 30 minutes ago
Description : Multiple plugins and/or themes for WordPress using Smart Framework are vulnerable to Stored Cross-Site Scripting due to a missing capability check on the saveOptions() and importThemeOptions() functions in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings which includes custom JavaScript that is enabled site-wide. This issue was escalated to Envato over two months from the date of this disclosure and the issue is still vulnerable.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-13420 - WordPress Envato Theme/Plugin Unauthorized Access Vulnerability

CVE ID : CVE-2024-13420
Published : May 2, 2025, 4:15 a.m. | 8 hours, 30 minutes ago
Description : Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a missing capability check on several AJAX actions like 'gsf_reset_section_options', 'gsf_reset_section_options', 'gsf_create_preset_options' and more in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset and modify some of the plugin/theme settings. This issue was escalated to Envato over two months from the date of this disclosure and the issues, while partially patched, are still vulnerable.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-13322 - WordPress Ads Pro Plugin SQL Injection Vulnerability

CVE ID : CVE-2024-13322
Published : May 2, 2025, 4:15 a.m. | 6 hours, 29 minutes ago
Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the 'a_id' parameter in all versions up to, and including, 4.88 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-13344 - WooCommerce Advance Seat Reservation SQL Injection

CVE ID : CVE-2024-13344
Published : May 2, 2025, 4:15 a.m. | 6 hours, 29 minutes ago
Description : The Advance Seat Reservation Management for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'profileId' parameter in all versions up to, and including, 3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-13418 - WordPress Theme/Plugin Arbitrary File Upload Vulnerability

CVE ID : CVE-2024-13418
Published : May 2, 2025, 4:15 a.m. | 6 hours, 29 minutes ago
Description : Multiple plugins and/or themes for WordPress are vulnerable to Arbitrary File Uploads due to a missing capability check on the ajaxUploadFonts() function in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files that can make remote code execution possible. This issue was escalated to Envato over two months from the date of this disclosure and the issue, while partially patched, is still vulnerable.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2024-12023 - "Elementor CRM FULL Cliente SQL Injection Vulnerability"

CVE ID : CVE-2024-12023
Published : May 2, 2025, 4:15 a.m. | 4 hours, 29 minutes ago
Description : The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable when the PRO version of the plugin is activated, along with Elementor Pro and Elementor CRM.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 04:15:00 GMT

read more

CVE-2025-4177 - Flynax Bridge - Unauthenticated User Deletion Vulnerability

CVE ID : CVE-2025-4177
Published : May 2, 2025, 3:15 a.m. | 5 hours, 29 minutes ago
Description : The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser() function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to delete arbitrary users.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-4179 - Flynax Bridge WordPress Privilege Escalation

CVE ID : CVE-2025-4179
Published : May 2, 2025, 3:15 a.m. | 5 hours, 29 minutes ago
Description : The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser() function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register new user accounts as authors.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-2880 - Yame Link In Bio WordPress Sensitive Information Exposure

CVE ID : CVE-2025-2880
Published : May 2, 2025, 3:15 a.m. | 3 hours, 29 minutes ago
Description : The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-3670 - WordPress KiwiChat NextClient Stored Cross-Site Scripting

CVE ID : CVE-2025-3670
Published : May 2, 2025, 3:15 a.m. | 3 hours, 29 minutes ago
Description : The KiwiChat NextClient plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-3746 - WordPress One Tap Signin Plugin Authentication Bypass

CVE ID : CVE-2025-3746
Published : May 2, 2025, 3:15 a.m. | 3 hours, 29 minutes ago
Description : The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-4131 - WordPress GmapsMania Stored Cross-Site Scripting

CVE ID : CVE-2025-4131
Published : May 2, 2025, 3:15 a.m. | 3 hours, 29 minutes ago
Description : The GmapsMania plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gmap shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 03:15:00 GMT

read more

CVE-2025-29825 - Microsoft Edge (Chromium-based) UI Spoofing Vulnerability

CVE ID : CVE-2025-29825
Published : May 2, 2025, 2:15 a.m. | 2 hours, 29 minutes ago
Description : User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 02:15:00 GMT

read more

CVE-2025-4196 - SourceCodester Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4196
Published : May 2, 2025, 2:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument comp_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 02:15:00 GMT

read more

CVE-2025-4197 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4197
Published : May 2, 2025, 2:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /edit_xpatient.php. The manipulation of the argument lastname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 02:15:00 GMT

read more

CVE-2025-4193 - iSourcecode Restaurant Management System SQL Injection

CVE ID : CVE-2025-4193
Published : May 2, 2025, 1:15 a.m. | 3 hours, 28 minutes ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_update.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2025-4195 - iSourcecode Gym Management System SQL Injection

CVE ID : CVE-2025-4195
Published : May 2, 2025, 1:15 a.m. | 3 hours, 28 minutes ago
Description : A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_member. The manipulation of the argument umember_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2024-55909 - IBM Concert Software Archive File DoS

CVE ID : CVE-2024-55909
Published : May 2, 2025, 1:15 a.m. | 1 hour, 28 minutes ago
Description : IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2024-55910 - IBM Concert Software SSRF Vulnerability

CVE ID : CVE-2024-55910
Published : May 2, 2025, 1:15 a.m. | 1 hour, 28 minutes ago
Description : IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2024-55912 - IBM Concert Software Cryptographic Weakness

CVE ID : CVE-2024-55912
Published : May 2, 2025, 1:15 a.m. | 1 hour, 28 minutes ago
Description : IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2024-55913 - IBM Concert Software Directory Traversal Vulnerability

CVE ID : CVE-2024-55913
Published : May 2, 2025, 1:15 a.m. | 1 hour, 28 minutes ago
Description : IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2025-4192 - iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4192
Published : May 2, 2025, 1:15 a.m. | 1 hour, 28 minutes ago
Description : A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 01:15:00 GMT

read more

CVE-2025-4184 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4184
Published : May 2, 2025, 12:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component QUOTE Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 00:15:00 GMT

read more

CVE-2025-4185 - Wangshen SecGate 3600 File Path Traversal Vulnerability

CVE ID : CVE-2025-4185
Published : May 2, 2025, 12:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Wangshen SecGate 3600 2024. This issue affects some unknown processing of the file ?g=obj_area_export_save. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 00:15:00 GMT

read more

CVE-2025-4186 - SecGate 3600 Wangshen Path Traversal Vulnerability

CVE ID : CVE-2025-4186
Published : May 2, 2025, 12:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, was found in Wangshen SecGate 3600 2024. Affected is an unknown function of the file /?g=route_ispinfo_export_save. The manipulation of the argument file_name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 00:15:00 GMT

read more

CVE-2025-4191 - PHPGurukul Employee Record Management System SQL Injection

CVE ID : CVE-2025-4191
Published : May 2, 2025, 12:15 a.m. | 2 hours, 29 minutes ago
Description : A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.php. The manipulation of the argument coursepg leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 02 May 2025 00:15:00 GMT

read more

CVE-2024-52903 - IBM Db2 Denial of Service

CVE ID : CVE-2024-52903
Published : May 1, 2025, 11:15 p.m. | 3 hours, 28 minutes ago
Description : IBM Db2 for Linux, UNIX and Windows 12.1.0 and 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 23:15:00 GMT

read more

CVE-2025-4181 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4181
Published : May 1, 2025, 11:15 p.m. | 3 hours, 28 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 23:15:00 GMT

read more

CVE-2025-4182 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4182
Published : May 1, 2025, 11:15 p.m. | 3 hours, 28 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component BELL Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 23:15:00 GMT

read more

CVE-2025-4183 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4183
Published : May 1, 2025, 11:15 p.m. | 3 hours, 28 minutes ago
Description : A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RECV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 23:15:00 GMT

read more

CVE-2025-1333 - IBM MQ Container Keycloak Information Disclosure

CVE ID : CVE-2025-1333
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10 and configured with Cloud Pak for Integration Keycloak could disclose sensitive information to a privileged user.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-27365 - IBM MQ Operator SIGSEGV Memory Corruption Vulnerability

CVE ID : CVE-2025-27365
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10  Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-43595 - MSP360 Backup Privilege Escalation Vulnerability

CVE ID : CVE-2025-43595
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower privileged user to execute commands with root level privileges in the 'Online Backup' folder. Users are recommended to upgrade to MSP360 Backup 4.4 (released on 2025-04-22).
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-4176 - PHPGurukul Blood Bank Donor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4176
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as critical. This vulnerability affects unknown code of the file /admin/request-received-bydonar.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-4178 - Xiaowei1118 Java Server Path Traversal Vulnerability

CVE ID : CVE-2025-4178
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : A vulnerability was found in xiaowei1118 java_server up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a on Windows and classified as critical. This issue affects some unknown processing of the file /src/main/java/com/changyu/foryou/controller/FoodController.java of the component File Upload API. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-4180 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4180
Published : May 1, 2025, 10:15 p.m. | 4 hours, 29 minutes ago
Description : A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component TRACE Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 22:15:00 GMT

read more

CVE-2025-4175 - AlanBinu007 Spring-Boot-Advanced-Projects Path Traversal Vulnerability

CVE ID : CVE-2025-4175
Published : May 1, 2025, 9:15 p.m. | 5 hours, 28 minutes ago
Description : A vulnerability, which was classified as critical, was found in AlanBinu007 Spring-Boot-Advanced-Projects up to 3.1.3. This affects the function uploadUserProfileImage of the file /Spring-Boot-Advanced-Projects-main/Project-4.SpringBoot-AWS-S3/backend/src/main/java/com/urunov/profile/UserProfileController.jav of the component Upload Profile API Endpoint. The manipulation of the argument File leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 21:15:00 GMT

read more

CVE-2024-48905 - Sematell ReplyOne Authentication Bypass

CVE ID : CVE-2024-48905
Published : May 1, 2025, 9:15 p.m. | 2 hours, 59 minutes ago
Description : Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 21:15:00 GMT

read more

CVE-2024-48906 - Sematell ReplyOne Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-48906
Published : May 1, 2025, 9:15 p.m. | 2 hours, 59 minutes ago
Description : Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 21:15:00 GMT

read more

CVE-2024-48907 - Sematell ReplyOne 7.4.3.0 allows SSRF via the appl

CVE ID : CVE-2024-48907
Published : May 1, 2025, 9:15 p.m. | 2 hours, 59 minutes ago
Description : Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 21:15:00 GMT

read more

CVE-2025-46625 - Tenda RX2 Pro HTTPd Command Injection Vulnerability

CVE ID : CVE-2025-46625
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web management portal to gain root shell access to the device by sending a crafted web request. This is persistent because the command injection is saved in the configuration of the device.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46626 - Tenda RX2 Pro AES Key Reuse Vulnerability

CVE ID : CVE-2025-46626
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46627 - Tenda RX2 Pro Weak Credential Vulnerability

CVE ID : CVE-2025-46627
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information. The password is based on the last two digits/octets of the MAC address.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46628 - Tenda RX2 Pro Remote Root Shell Access Vulnerability

CVE ID : CVE-2025-46628
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the 'ate' service when it is enabled. Authentication is not needed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46629 - Tenda RX2 Pro Remote Access Control Bypass

CVE ID : CVE-2025-46629
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration changes for any router where 'ate' has been enabled by sending a crafted UDP packet
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46630 - Tenda RX2 Pro Remote Command Execution Vulnerability

CVE ID : CVE-2025-46630
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46631 - Tenda RX2 Pro Telnet Access Control Vulnerability

CVE ID : CVE-2025-46631
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46632 - Tenda RX2 Pro Cryptographic IV Reuse Vulnerability

CVE ID : CVE-2025-46632
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46633 - Tenda RX2 Pro Information Leak

CVE ID : CVE-2025-46633
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46634 - Tenda RX2 Pro Password Hash Replay Vulnerability

CVE ID : CVE-2025-46634
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46635 - Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

CVE ID : CVE-2025-46635
Published : May 1, 2025, 8:15 p.m. | 3 hours, 59 minutes ago
Description : An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other networks hosted by the router by configuring a static IP address (within the non-guest subnet) on their host.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-29763 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-29763
Published : May 1, 2025, 8:15 p.m. | 27 minutes ago
Description : Rejected reason: “This CVE ID is Rejected and will not be used. The issue was determined to not be a vulnerability.”
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-46569 - Open Policy Agent (OPA) HTTP Data API Code Injection Vulnerability

CVE ID : CVE-2025-46569
Published : May 1, 2025, 8:15 p.m. | 27 minutes ago
Description : Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a single data document reference is constructed from the requested path. This query is then used for policy evaluation. A HTTP request path can be crafted in a way that injects Rego code into the constructed query. The evaluation result cannot be made to return any other data than what is generated by the requested path, but this path can be misdirected, and the injected Rego code can be crafted to make the query succeed or fail; opening up for oracle attacks or, given the right circumstances, erroneous policy decision results. Furthermore, the injected code can be crafted to be computationally expensive, resulting in a Denial Of Service (DoS) attack. This issue has been patched in version 1.4.0. A workaround involves having network access to OPA’s RESTful APIs being limited to `localhost` and/or trusted networks, unless necessary for production reasons.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 20:15:00 GMT

read more

CVE-2025-24522 - KUNBUS Revolution Pi Node-RED Remote Command Execution

CVE ID : CVE-2025-24522
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authentication is not configured by default for the Node-RED server. This can give an unauthenticated remote attacker full access to the Node-RED server where they can run arbitrary commands on the underlying operating system.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-32011 - KUNBUS PiCtory Authentication Bypass Vulnerability

CVE ID : CVE-2025-32011
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-35975 - MicroDicom DICOM Viewer Out-of-Bounds Write RCE

CVE ID : CVE-2025-35975
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. The user must open a malicious DCM file for exploitation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-35996 - KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-35996
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, the filename could be executed as HTML script tag resulting in a cross-site-scripting attack.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-36521 - MicroDicom DICOM Viewer Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-36521
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : MicroDicom DICOM Viewer is vulnerable to an out-of-bounds read which may allow an attacker to cause memory corruption within the application. The user must open a malicious DCM file for exploitation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-36558 - KUNBUS PiCtory Cross-Site Scripting (XSS)

CVE ID : CVE-2025-36558
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the sso_token used for authentication. If an attacker provides the user with a PiCtory URL containing an HTML script as an sso_token, that script will reply to the user and be executed.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-3517 - Devolutions Server PAM JIT Privilege Escalation

CVE ID : CVE-2025-3517
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Privilege context switching error in PAM JIT feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM JIT account password to be improperly reset after usage via specific actions such as editing the username.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-4174 - PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4174
Published : May 1, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 19:15:00 GMT

read more

CVE-2025-46565 - Vite File Pattern Denial of Service

CVE ID : CVE-2025-46565
Published : May 1, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Vite is a frontend tooling framework for javascript. Prior to versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. Only files that are under project root and are denied by a file matching pattern can be bypassed. `server.fs.deny` can contain patterns matching against files (by default it includes .env, .env.*, *.{crt,pem} as such patterns). These patterns were able to bypass for files under `root` by using a combination of slash and dot (/.). This issue has been patched in versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-46566 - DataEase Remote Code Execution Vulnerability

CVE ID : CVE-2025-46566
Published : May 1, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.9, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.9.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-46567 - LLaMA Factory Deserialization Command Execution Vulnerability

CVE ID : CVE-2025-46567
Published : May 1, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : LLama Factory enables fine-tuning of large language models. Prior to version 1.0.0, a critical vulnerability exists in the `llamafy_baichuan2.py` script of the LLaMA-Factory project. The script performs insecure deserialization using `torch.load()` on user-supplied `.bin` files from an input directory. An attacker can exploit this behavior by crafting a malicious `.bin` file that executes arbitrary commands during deserialization. This issue has been patched in version 1.0.0.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-46568 - Stirling-PDF SSRF-Induced Arbitrary File Read Vulnerability

CVE ID : CVE-2025-46568
Published : May 1, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Prior to version 0.45.0, Stirling-PDF is vulnerable to SSRF-induced arbitrary file read. WeasyPrint redefines a set of HTML tags, including img, embed, object, and others. The references to several files inside, allow the attachment of content from any webpage or local file to a PDF. This allows the attacker to read any file on the server, including sensitive files and configuration files. All users utilizing this feature will be affected. This issue has been patched in version 0.45.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32881 - GoTenna Information Disclosure Vulnerability

CVE ID : CVE-2025-32881
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32882 - GoTenna Encryption Malleability Vulnerability

CVE ID : CVE-2025-32882
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32883 - goTenna Mesh RCE via Software Defined Radio

CVE ID : CVE-2025-32883
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there makes it possible to inject any custom message (into existing mesh networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32884 - goTenna Mesh Phone Number Disclosure

CVE ID : CVE-2025-32884
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32885 - "GoTenna v1 App Message Injection Vulnerability"

CVE ID : CVE-2025-32885
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message (into existing v1 networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32886 - goTenna Information Disclosure

CVE ID : CVE-2025-32886
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32887 - GoTenna Frequency Hopping Command Channel Interception Vulnerability

CVE ID : CVE-2025-32887
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32888 - GoTenna Mesh Hardcoded Verification Token Vulnerability

CVE ID : CVE-2025-32888
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32889 - goTenna Hardcoded Verification Token Vulnerability

CVE ID : CVE-2025-32889
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-32890 - goTenna Mesh Plaintext Injection Vulnerability

CVE ID : CVE-2025-32890
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44860 - TOTOLINK CA300-POE Command Injection Vulnerability

CVE ID : CVE-2025-44860
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44861 - TOTOLINK CA300-POE Command Injection

CVE ID : CVE-2025-44861
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44862 - TOTOLINK CA300-POE Command Injection Vulnerability

CVE ID : CVE-2025-44862
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44863 - TOTOLINK CA300-POE Command Injection Vulnerability

CVE ID : CVE-2025-44863
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44864 - Tenda W20E Command Injection Vulnerability

CVE ID : CVE-2025-44864
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44865 - Tenda W20E Command Injection Vulnerability

CVE ID : CVE-2025-44865
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44866 - Tenda W20E Command Injection Vulnerability

CVE ID : CVE-2025-44866
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-44867 - Tenda W20E Command Injection Vulnerability

CVE ID : CVE-2025-44867
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-46337 - ADOdb PostgreSQL SQL Injection Vulnerability

CVE ID : CVE-2025-46337
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-46345 - Auth0 Account Link Extension JWT Signature Verification Bypass

CVE ID : CVE-2025-46345
Published : May 1, 2025, 6:15 p.m. | 27 minutes ago
Description : Auth0 Account Link Extension is an extension aimed to help link accounts easily. Versions 2.3.4 to 2.6.6 do not verify the signature of the provided JWT. This allows the user the ability to supply a forged token and the potential to access user information without proper authorization. This issue has been patched in versions 2.6.7, 2.7.0, and 3.0.0. It is recommended to upgrade to version 3.0.0 or greater.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 18:15:00 GMT

read more

CVE-2025-4173 - SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE ID : CVE-2025-4173
Published : May 1, 2025, 5:15 p.m. | 1 hour, 27 minutes ago
Description : A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_cart of the file /oews/classes/Master.php?f=delete_cart. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 17:15:00 GMT

read more

CVE-2022-49911 - Linux kernel netfilter ipset Memory Allocation Denial of Service

CVE ID : CVE-2022-49911
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: enforce documented limit to prevent allocating huge memory Daniel Xu reported that the hash:net,iface type of the ipset subsystem does not limit adding the same network with different interfaces to a set, which can lead to huge memory usage or allocation failure. The quick reproducer is $ ipset create ACL.IN.ALL_PERMIT hash:net,iface hashsize 1048576 timeout 0 $ for i in $(seq 0 100); do /sbin/ipset add ACL.IN.ALL_PERMIT 0.0.0.0/0,kaf_$i timeout 0 -exist; done The backtrace when vmalloc fails: [Tue Oct 25 00:13:08 2022] ipset: vmalloc error: size 1073741848, exceeds total pages <...> [Tue Oct 25 00:13:08 2022] Call Trace: [Tue Oct 25 00:13:08 2022] [Tue Oct 25 00:13:08 2022] dump_stack_lvl+0x48/0x60 [Tue Oct 25 00:13:08 2022] warn_alloc+0x155/0x180 [Tue Oct 25 00:13:08 2022] __vmalloc_node_range+0x72a/0x760 [Tue Oct 25 00:13:08 2022] ? hash_netiface4_add+0x7c0/0xb20 [Tue Oct 25 00:13:08 2022] ? __kmalloc_large_node+0x4a/0x90 [Tue Oct 25 00:13:08 2022] kvmalloc_node+0xa6/0xd0 [Tue Oct 25 00:13:08 2022] ? hash_netiface4_resize+0x99/0x710 <...> The fix is to enforce the limit documented in the ipset(8) manpage: > The internal restriction of the hash:net,iface set type is that the same > network prefix cannot be stored with more than 64 different interfaces > in a single set.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49912 - Linux Btrfs Ulist Leak

CVE ID : CVE-2022-49912
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from the test function without freeing the "old_roots" ulist that was allocated by the previous calls to btrfs_find_all_roots(). Fix that by calling ulist_free() before returning.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49913 - Linux Btrfs Inode List Leak

CVE ID : CVE-2022-49913
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at find_parent_nodes() During backref walking, at find_parent_nodes(), if we are dealing with a data extent and we get an error while resolving the indirect backrefs, at resolve_indirect_refs(), or in the while loop that iterates over the refs in the direct refs rbtree, we end up leaking the inode lists attached to the direct refs we have in the direct refs rbtree that were not yet added to the refs ulist passed as argument to find_parent_nodes(). Since they were not yet added to the refs ulist and prelim_release() does not free the lists, on error the caller can only free the lists attached to the refs that were added to the refs ulist, all the remaining refs get their inode lists never freed, therefore leaking their memory. Fix this by having prelim_release() always free any attached inode list to each ref found in the rbtree, and have find_parent_nodes() set the ref's inode list to NULL once it transfers ownership of the inode list to a ref added to the refs ulist passed to find_parent_nodes().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49914 - "Btrfs inode list leak vulnerability"

CVE ID : CVE-2022-49914
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolve_indirect_refs() During backref walking, at resolve_indirect_refs(), if we get an error we jump to the 'out' label and call ulist_free() on the 'parents' ulist, which frees all the elements in the ulist - however that does not free any inode lists that may be attached to elements, through the 'aux' field of a ulist node, so we end up leaking lists if we have any attached to the unodes. Fix this by calling free_leaf_list() instead of ulist_free() when we exit from resolve_indirect_refs(). The static function free_leaf_list() is moved up for this to be possible and it's slightly simplified by removing unnecessary code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49915 - Linux kernel mISDN driver Memory Leak Vulnerability

CVE ID : CVE-2022-49915
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device() to give up the reference, so that the name can be freed in kobject_cleanup() when the refcount is 0. Set device class before put_device() to avoid null release() function WARN message in device_release().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49916 - Linux Rose NULL Pointer Dereference Vulnerability

CVE ID : CVE-2022-49916
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rose_send_frame() The syzkaller reported an issue: KASAN: null-ptr-deref in range [0x0000000000000380-0x0000000000000387] CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 Workqueue: rcu_gp srcu_invoke_callbacks RIP: 0010:rose_send_frame+0x1dd/0x2f0 net/rose/rose_link.c:101 Call Trace: rose_transmit_clear_request+0x1d5/0x290 net/rose/rose_link.c:255 rose_rx_call_request+0x4c0/0x1bc0 net/rose/af_rose.c:1009 rose_loopback_timer+0x19e/0x590 net/rose/rose_loopback.c:111 call_timer_fn+0x1a0/0x6b0 kernel/time/timer.c:1474 expire_timers kernel/time/timer.c:1519 [inline] __run_timers.part.0+0x674/0xa80 kernel/time/timer.c:1790 __run_timers kernel/time/timer.c:1768 [inline] run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1803 __do_softirq+0x1d0/0x9c8 kernel/softirq.c:571 [...] It triggers NULL pointer dereference when 'neigh->dev->dev_addr' is called in the rose_send_frame(). It's the first occurrence of the `neigh` is in rose_loopback_timer() as `rose_loopback_neigh', and the 'dev' in 'rose_loopback_neigh' is initialized sa nullptr. It had been fixed by commit 3b3fd068c56e3fbea30090859216a368398e39bf ("rose: Fix Null pointer dereference in rose_send_frame()") ever. But it's introduced by commit 3c53cd65dece47dd1f9d3a809f32e59d1d87b2b8 ("rose: check NULL rose_loopback_neigh->loopback") again. We fix it by add NULL check in rose_transmit_clear_request(). When the 'dev' in 'neigh' is NULL, we don't reply the request and just clear it. syzkaller don't provide repro, and I provide a syz repro like: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000180)={'rose0\x00', 0x201}) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r1, &(0x7f00000000c0)=@full={0xb, @dev, @null, 0x0, [@null, @null, @netrom, @netrom, @default, @null]}, 0x40) connect$rose(r1, &(0x7f0000000240)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49917 - Linux Kernel ipvs Proc Entry Removal Warning

CVE ID : CVE-2022-49917
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file doesn't be found during the remove in ip_vs_app_net_cleanup(). It will cause WRNING. The following is the stack information: name 'ip_vs_app' WARNING: CPU: 1 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked in: Workqueue: netns cleanup_net RIP: 0010:remove_proc_entry+0x389/0x460 Call Trace: ops_exit_list+0x125/0x170 cleanup_net+0x4ea/0xb00 process_one_work+0x9bf/0x1710 worker_thread+0x665/0x1080 kthread+0x2e4/0x3a0 ret_from_fork+0x1f/0x30
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49918 - Linux Kernel ipvs proc_entry Double Free

CVE ID : CVE-2022-49918
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in __ip_vs_cleanup_batch() During the initialization of ip_vs_conn_net_init(), if file ip_vs_conn or ip_vs_conn_sync fails to be created, the initialization is successful by default. Therefore, the ip_vs_conn or ip_vs_conn_sync file doesn't be found during the remove. The following is the stack information: name 'ip_vs_conn_sync' WARNING: CPU: 3 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460 Modules linked in: Workqueue: netns cleanup_net RIP: 0010:remove_proc_entry+0x389/0x460 Call Trace: __ip_vs_cleanup_batch+0x7d/0x120 ops_exit_list+0x125/0x170 cleanup_net+0x4ea/0xb00 process_one_work+0x9bf/0x1710 worker_thread+0x665/0x1080 kthread+0x2e4/0x3a0 ret_from_fork+0x1f/0x30
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49919 - Netfilter NF Tables Use-After-Free Vulnerability

CVE ID : CVE-2022-49919
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UAF triggered by races with the netlink notifier.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49920 - Linux kernel Netfilter Netlink Notifier Race Condition

CVE ID : CVE-2022-49920
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: netlink notifier might race to release objects commit release path is invoked via call_rcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to remove objects that the transaction context is still referencing from the commit release path. Call rcu_barrier() to ensure pending rcu callbacks run to completion if the list of transactions to be destroyed is not empty.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49921 - Linux Kernel Net Scheduler Use After Free Vulnerability

CVE ID : CVE-2022-49921
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f09707d0c97 ("sch_sfb: Also store skb len before calling child enqueue").
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49922 - Linux Kernel NFC Driver Memory Leak Vulnerability

CVE ID : CVE-2022-49922
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() nfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb should be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send() will only free skb when i2c_master_send() return >=0, which means skb will memleak when i2c_master_send() failed. Free skb no matter whether i2c_master_send() succeeds.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49923 - Linux Kernel NXP NCI Memory Leak

CVE ID : CVE-2022-49923
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() nxp_nci_send() will call nxp_nci_i2c_write(), and only free skb when nxp_nci_i2c_write() failed. However, even if the nxp_nci_i2c_write() run succeeds, the skb will not be freed in nxp_nci_i2c_write(). As the result, the skb will memleak. nxp_nci_send() should also free the skb when nxp_nci_i2c_write() succeeds.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49924 - Linux Kernel NFC FDP Memory Leak

CVE ID : CVE-2022-49924
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: Fix potential memory leak in fdp_nci_send() fdp_nci_send() will call fdp_nci_i2c_write that will not free skb in the function. As a result, when fdp_nci_i2c_write() finished, the skb will memleak. fdp_nci_send() should free skb after fdp_nci_i2c_write() finished.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49925 - "Linux RDMA Core Null Pointer Dereference Vulnerability"

CVE ID : CVE-2022-49925
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] CPU: 1 PID: 379 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:destroy_workqueue+0x2f/0x740 RSP: 0018:ffff888016137df8 EFLAGS: 00000202 ... Call Trace: ib_core_cleanup+0xa/0xa1 [ib_core] __do_sys_delete_module.constprop.0+0x34f/0x5b0 do_syscall_64+0x3a/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fa1a0d221b7 ... It is because the fail of roce_gid_mgmt_init() is ignored: ib_core_init() roce_gid_mgmt_init() gid_cache_wq = alloc_ordered_workqueue # fail ... ib_core_cleanup() roce_gid_mgmt_cleanup() destroy_workqueue(gid_cache_wq) # destroy an unallocated wq Fix this by catching the fail of roce_gid_mgmt_init() in ib_core_init().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49926 - Linux kernel - DSA Loop Memory Leak Vulnerability

CVE ID : CVE-2022-49926
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsa_loop_init() kmemleak reported memory leaks in dsa_loop_init(): kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 (size 2048): comm "modprobe", pid 390, jiffies 4295040478 (age 238.976s) backtrace: [<000000006a94f1d5>] kmalloc_trace+0x26/0x60 [<00000000a9c44622>] phy_device_create+0x5d/0x970 [<00000000d0ee2afc>] get_phy_device+0xf3/0x2b0 [<00000000dca0c71f>] __fixed_phy_register.part.0+0x92/0x4e0 [<000000008a834798>] fixed_phy_register+0x84/0xb0 [<0000000055223fcb>] dsa_loop_init+0xa9/0x116 [dsa_loop] ... There are two reasons for memleak in dsa_loop_init(). First, fixed_phy_register() create and register phy_device: fixed_phy_register() get_phy_device() phy_device_create() # freed by phy_device_free() phy_device_register() # freed by phy_device_remove() But fixed_phy_unregister() only calls phy_device_remove(). So the memory allocated in phy_device_create() is leaked. Second, when mdio_driver_register() fail in dsa_loop_init(), it just returns and there is no cleanup for phydevs. Fix the problems by catching the error of mdio_driver_register() in dsa_loop_init(), then calling both fixed_phy_unregister() and phy_device_free() to release phydevs. Also add a function for phydevs cleanup to avoid duplacate.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49927 - Linux NFS kmemleak Vulnerability

CVE ID : CVE-2022-49927
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100 (size 64): comm ""mount.nfs"", pid 679, jiffies 4294744957 (age 115.037s) hex dump (first 32 bytes): 00 cc 19 73 81 88 ff ff 00 a0 5a 11 81 88 ff ff ...s......Z..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000007a4c434a>] nfs4_find_or_create_slot+0x8e/0x130 [<000000005472a39c>] nfs4_realloc_slot_table+0x23f/0x270 [<00000000cd8ca0eb>] nfs40_init_client+0x4a/0x90 [<00000000128486db>] nfs4_init_client+0xce/0x270 [<000000008d2cacad>] nfs4_set_client+0x1a2/0x2b0 [<000000000e593b52>] nfs4_create_server+0x300/0x5f0 [<00000000e4425dd2>] nfs4_try_get_tree+0x65/0x110 [<00000000d3a6176f>] vfs_get_tree+0x41/0xf0 [<0000000016b5ad4c>] path_mount+0x9b3/0xdd0 [<00000000494cae71>] __x64_sys_mount+0x190/0x1d0 [<000000005d56bdec>] do_syscall_64+0x35/0x80 [<00000000687c9ae4>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49928 - Linux Kernel SUNRPC Null Pointer Dereference Vulnerability

CVE ID : CVE-2022-49928
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed There is a null-ptr-deref when xps sysfs alloc failed: BUG: KASAN: null-ptr-deref in sysfs_do_create_link_sd+0x40/0xd0 Read of size 8 at addr 0000000000000030 by task gssproxy/457 CPU: 5 PID: 457 Comm: gssproxy Not tainted 6.0.0-09040-g02357b27ee03 #9 Call Trace: dump_stack_lvl+0x34/0x44 kasan_report+0xa3/0x120 sysfs_do_create_link_sd+0x40/0xd0 rpc_sysfs_client_setup+0x161/0x1b0 rpc_new_client+0x3fc/0x6e0 rpc_create_xprt+0x71/0x220 rpc_create+0x1d4/0x350 gssp_rpc_create+0xc3/0x160 set_gssp_clnt+0xbc/0x140 write_gssp+0x116/0x1a0 proc_reg_write+0xd6/0x130 vfs_write+0x177/0x690 ksys_write+0xb9/0x150 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 When the xprt_switch sysfs alloc failed, should not add xprt and switch sysfs to it, otherwise, maybe null-ptr-deref; also initialize the 'xps_sysfs' to NULL to avoid oops when destroy it.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49929 - "RDMA rxe Memory Reference Count Leak Vulnerability"

CVE ID : CVE-2022-49929
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr leak in RESPST_ERR_RNR rxe_recheck_mr() will increase mr's ref_cnt, so we should call rxe_put(mr) to drop mr's ref_cnt in RESPST_ERR_RNR to avoid below warning: WARNING: CPU: 0 PID: 4156 at drivers/infiniband/sw/rxe/rxe_pool.c:259 __rxe_cleanup+0x1df/0x240 [rdma_rxe] ... Call Trace: rxe_dereg_mr+0x4c/0x60 [rdma_rxe] ib_dereg_mr_user+0xa8/0x200 [ib_core] ib_mr_pool_destroy+0x77/0xb0 [ib_core] nvme_rdma_destroy_queue_ib+0x89/0x240 [nvme_rdma] nvme_rdma_free_queue+0x40/0x50 [nvme_rdma] nvme_rdma_teardown_io_queues.part.0+0xc3/0x120 [nvme_rdma] nvme_rdma_error_recovery_work+0x4d/0xf0 [nvme_rdma] process_one_work+0x582/0xa40 ? pwq_dec_nr_in_flight+0x100/0x100 ? rwlock_bug.part.0+0x60/0x60 worker_thread+0x2a9/0x700 ? process_one_work+0xa40/0xa40 kthread+0x168/0x1a0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49930 - Hewlett Packard Enterprise RDMA NULL Pointer Dereference Vulnerability

CVE ID : CVE-2022-49930
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer problem in free_mr_init() Lock grab occurs in a concurrent scenario, resulting in stepping on a NULL pointer. It should be init mutex_init() first before use the lock. Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Call trace: __mutex_lock.constprop.0+0xd0/0x5c0 __mutex_lock_slowpath+0x1c/0x2c mutex_lock+0x44/0x50 free_mr_send_cmd_to_hw+0x7c/0x1c0 [hns_roce_hw_v2] hns_roce_v2_dereg_mr+0x30/0x40 [hns_roce_hw_v2] hns_roce_dereg_mr+0x4c/0x130 [hns_roce_hw_v2] ib_dereg_mr_user+0x54/0x124 uverbs_free_mr+0x24/0x30 destroy_hw_idr_uobject+0x38/0x74 uverbs_destroy_uobject+0x48/0x1c4 uobj_destroy+0x74/0xcc ib_uverbs_cmd_verbs+0x368/0xbb0 ib_uverbs_ioctl+0xec/0x1a4 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0x58/0x190 do_el0_svc+0x30/0x90 el0_svc+0x2c/0xb4 el0t_64_sync_handler+0x1a4/0x1b0 el0t_64_sync+0x19c/0x1a0
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2022-49931 - IBM HFI1 Null Pointer Dereference

CVE ID : CVE-2022-49931
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in sc_disable() Commit 13bac861952a ("IB/hfi1: Fix abba locking issue with sc_disable()") incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered when a link goes down and there are waiters for a send to complete. The following signature is seen: BUG: kernel NULL pointer dereference, address: 0000000000000030 [...] Call Trace: sc_disable+0x1ba/0x240 [hfi1] pio_freeze+0x3d/0x60 [hfi1] handle_freeze+0x27/0x1b0 [hfi1] process_one_work+0x1b0/0x380 ? process_one_work+0x380/0x380 worker_thread+0x30/0x360 ? process_one_work+0x380/0x380 kthread+0xd7/0x100 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x1f/0x30 The fix is to use the correct call to move the list.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2025-23246 - NVIDIA vGPU Denial of Service Vulnerability

CVE ID : CVE-2025-23246
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to consume uncontrolled resources. A successful exploit of this vulnerability might lead to denial of service.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2025-44836 - TOTOLINK CPE CP900 Command Injection Vulnerability

CVE ID : CVE-2025-44836
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2025-44837 - Totolink CPE CP900 Command Injection Vulnerability

CVE ID : CVE-2025-44837
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2025-44838 - TOTOLINK CPE CP900 Command Injection Vulnerability

CVE ID : CVE-2025-44838
Published : May 1, 2025, 3:16 p.m. | 1 hour, 8 minutes ago
Description : TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 15:16:00 GMT

read more

CVE-2025-37773 - "virtiofs NULL Source Name Check Vulnerability"

CVE ID : CVE-2025-37773
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be added.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37774 - Linux Kernel Slab Object Extensions Vulnerability

CVE ID : CVE-2025-37774
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: slab: ensure slab->obj_exts is clear in a newly allocated slab page ktest recently reported crashes while running several buffered io tests with __alloc_tagging_slab_alloc_hook() at the top of the crash call stack. The signature indicates an invalid address dereference with low bits of slab->obj_exts being set. The bits were outside of the range used by page_memcg_data_flags and objext_flags and hence were not masked out by slab_obj_exts() when obtaining the pointer stored in slab->obj_exts. The typical crash log looks like this: 00510 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 00510 Mem abort info: 00510 ESR = 0x0000000096000045 00510 EC = 0x25: DABT (current EL), IL = 32 bits 00510 SET = 0, FnV = 0 00510 EA = 0, S1PTW = 0 00510 FSC = 0x05: level 1 translation fault 00510 Data abort info: 00510 ISV = 0, ISS = 0x00000045, ISS2 = 0x00000000 00510 CM = 0, WnR = 1, TnD = 0, TagAccess = 0 00510 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 00510 user pgtable: 4k pages, 39-bit VAs, pgdp=0000000104175000 00510 [0000000000000010] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000 00510 Internal error: Oops: 0000000096000045 [#1] SMP 00510 Modules linked in: 00510 CPU: 10 UID: 0 PID: 7692 Comm: cat Not tainted 6.15.0-rc1-ktest-g189e17946605 #19327 NONE 00510 Hardware name: linux,dummy-virt (DT) 00510 pstate: 20001005 (nzCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 00510 pc : __alloc_tagging_slab_alloc_hook+0xe0/0x190 00510 lr : __kmalloc_noprof+0x150/0x310 00510 sp : ffffff80c87df6c0 00510 x29: ffffff80c87df6c0 x28: 000000000013d1ff x27: 000000000013d200 00510 x26: ffffff80c87df9e0 x25: 0000000000000000 x24: 0000000000000001 00510 x23: ffffffc08041953c x22: 000000000000004c x21: ffffff80c0002180 00510 x20: fffffffec3120840 x19: ffffff80c4821000 x18: 0000000000000000 00510 x17: fffffffec3d02f00 x16: fffffffec3d02e00 x15: fffffffec3d00700 00510 x14: fffffffec3d00600 x13: 0000000000000200 x12: 0000000000000006 00510 x11: ffffffc080bb86c0 x10: 0000000000000000 x9 : ffffffc080201e58 00510 x8 : ffffff80c4821060 x7 : 0000000000000000 x6 : 0000000055555556 00510 x5 : 0000000000000001 x4 : 0000000000000010 x3 : 0000000000000060 00510 x2 : 0000000000000000 x1 : ffffffc080f50cf8 x0 : ffffff80d801d000 00510 Call trace: 00510 __alloc_tagging_slab_alloc_hook+0xe0/0x190 (P) 00510 __kmalloc_noprof+0x150/0x310 00510 __bch2_folio_create+0x5c/0xf8 00510 bch2_folio_create+0x2c/0x40 00510 bch2_readahead+0xc0/0x460 00510 read_pages+0x7c/0x230 00510 page_cache_ra_order+0x244/0x3a8 00510 page_cache_async_ra+0x124/0x170 00510 filemap_readahead.isra.0+0x58/0xa0 00510 filemap_get_pages+0x454/0x7b0 00510 filemap_read+0xdc/0x418 00510 bch2_read_iter+0x100/0x1b0 00510 vfs_read+0x214/0x300 00510 ksys_read+0x6c/0x108 00510 __arm64_sys_read+0x20/0x30 00510 invoke_syscall.constprop.0+0x54/0xe8 00510 do_el0_svc+0x44/0xc8 00510 el0_svc+0x18/0x58 00510 el0t_64_sync_handler+0x104/0x130 00510 el0t_64_sync+0x154/0x158 00510 Code: d5384100 f9401c01 b9401aa3 b40002e1 (f8227881) 00510 ---[ end trace 0000000000000000 ]--- 00510 Kernel panic - not syncing: Oops: Fatal exception 00510 SMP: stopping secondary CPUs 00510 Kernel Offset: disabled 00510 CPU features: 0x0000,000000e0,00000410,8240500b 00510 Memory Limit: none Investigation indicates that these bits are already set when we allocate slab page and are not zeroed out after allocation. We are not yet sure why these crashes start happening only recently but regardless of the reason, not initializing a field that gets used later is wrong. Fix it by initializing slab->obj_exts during slab page allocation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37775 - "Microsoft Windows Ksmbd Directory Write Vulnerability"

CVE ID : CVE-2025-37775
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from __kernel_write_iter [ 2110.972290] ------------[ cut here ]------------ [ 2110.972301] WARNING: CPU: 3 PID: 735 at fs/read_write.c:599 __kernel_write_iter+0x21b/0x280 This patch doesn't allow writing to directory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37776 - Linux ksmbd Use-After-Free Vulnerability

CVE ID : CVE-2025-37776
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb_break_all_levII_oplock() There is a room in smb_break_all_levII_oplock that can cause racy issues when unlocking in the middle of the loop. This patch use read lock to protect whole loop.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37777 - KSMbd Use-After-Free Vuln

CVE ID : CVE-2025-37777
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __smb2_lease_break_noti() Move tcp_transport free to ksmbd_conn_free. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn->tcp_transport is freed. __smb2_lease_break_noti can be performed asynchronously when the connection is disconnected. __smb2_lease_break_noti calls ksmbd_conn_write, which can cause use-after-free when conn->ksmbd_transport is already freed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37778 - Kerberos SMBD Dangling Pointer

CVE ID : CVE-2025-37778
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krb_authenticate krb_authenticate frees sess->user and does not set the pointer to NULL. It calls ksmbd_krb5_authenticate to reinitialise sess->user but that function may return without doing so. If that happens then smb2_sess_setup, which calls krb_authenticate, will be accessing free'd memory when it later uses sess->user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37779 - "ERofs Linux Kernel Folio UAF Vulnerability"

CVE ID : CVE-2025-37779
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: lib/iov_iter: fix to increase non slab folio refcount When testing EROFS file-backed mount over v9fs on qemu, I encountered a folio UAF issue. The page sanity check reports the following call trace. The root cause is that pages in bvec are coalesced across a folio bounary. The refcount of all non-slab folios should be increased to ensure p9_releas_pages can put them correctly. BUG: Bad page state in process md5sum pfn:18300 page: refcount:0 mapcount:0 mapping:00000000d5ad8e4e index:0x60 pfn:0x18300 head: order:0 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 aops:z_erofs_aops ino:30b0f dentry name(?):"GoogleExtServicesCn.apk" flags: 0x100000000000041(locked|head|node=0|zone=1) raw: 0100000000000041 dead000000000100 dead000000000122 ffff888014b13bd0 raw: 0000000000000060 0000000000000020 00000000ffffffff 0000000000000000 head: 0100000000000041 dead000000000100 dead000000000122 ffff888014b13bd0 head: 0000000000000060 0000000000000020 00000000ffffffff 0000000000000000 head: 0100000000000000 0000000000000000 ffffffffffffffff 0000000000000000 head: 0000000000000010 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set Call Trace: dump_stack_lvl+0x53/0x70 bad_page+0xd4/0x220 __free_pages_ok+0x76d/0xf30 __folio_put+0x230/0x320 p9_release_pages+0x179/0x1f0 p9_virtio_zc_request+0xa2a/0x1230 p9_client_zc_rpc.constprop.0+0x247/0x700 p9_client_read_once+0x34d/0x810 p9_client_read+0xf3/0x150 v9fs_issue_read+0x111/0x360 netfs_unbuffered_read_iter_locked+0x927/0x1390 netfs_unbuffered_read_iter+0xa2/0xe0 vfs_iocb_iter_read+0x2c7/0x460 erofs_fileio_rq_submit+0x46b/0x5b0 z_erofs_runqueue+0x1203/0x21e0 z_erofs_readahead+0x579/0x8b0 read_pages+0x19f/0xa70 page_cache_ra_order+0x4ad/0xb80 filemap_readahead.isra.0+0xe7/0x150 filemap_get_pages+0x7aa/0x1890 filemap_read+0x320/0xc80 vfs_read+0x6c6/0xa30 ksys_read+0xf9/0x1c0 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x71/0x79
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37780 - Linux Kernel Isofs Fid Handle Bytes Vulnerability

CVE ID : CVE-2025-37780
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes value passed in by the reproducing program is equal to 12. In handle_to_path(), only 12 bytes of memory are allocated for the structure file_handle->f_handle member, which causes an out-of-bounds access when accessing the member parent_block of the structure isofs_fid in isofs, because accessing parent_block requires at least 16 bytes of f_handle. Here, fh_len is used to indirectly confirm that the value of handle_bytes is greater than 3 before accessing parent_block. [1] BUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183 Read of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466 CPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Call trace: show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C) __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0x198/0x550 mm/kasan/report.c:521 kasan_report+0xd8/0x138 mm/kasan/report.c:634 __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380 isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183 exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523 do_handle_to_path+0xa0/0x198 fs/fhandle.c:257 handle_to_path fs/fhandle.c:385 [inline] do_handle_open+0x8cc/0xb8c fs/fhandle.c:403 __do_sys_open_by_handle_at fs/fhandle.c:443 [inline] __se_sys_open_by_handle_at fs/fhandle.c:434 [inline] __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Allocated by task 6466: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4294 [inline] __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306 kmalloc_noprof include/linux/slab.h:905 [inline] handle_to_path fs/fhandle.c:357 [inline] do_handle_open+0x5a4/0xb8c fs/fhandle.c:403 __do_sys_open_by_handle_at fs/fhandle.c:443 [inline] __se_sys_open_by_handle_at fs/fhandle.c:434 [inline] __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37781 - HP Linux Kernel i2c cros-ec-tunnel NULL Pointer Dereference

CVE ID : CVE-2025-37781
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by unbinding the controller driver and then loading i2c-cros-ec-tunnel module (or binding the device). [ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058 [ 271.998215] #PF: supervisor read access in kernel mode [ 272.003351] #PF: error_code(0x0000) - not-present page [ 272.008485] PGD 0 P4D 0 [ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI [ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5 [ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC [ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021 [ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel] [ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 <49> 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9 [ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282 [ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000 [ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00 [ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000 [ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000 [ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10 [ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000 [ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0 [ 272.129155] Call Trace: [ 272.131606] [ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110 [ 272.137985] platform_probe+0x69/0xa0 [ 272.141652] really_probe+0x152/0x310 [ 272.145318] __driver_probe_device+0x77/0x110 [ 272.149678] driver_probe_device+0x1e/0x190 [ 272.153864] __driver_attach+0x10b/0x1e0 [ 272.157790] ? driver_attach+0x20/0x20 [ 272.161542] bus_for_each_dev+0x107/0x150 [ 272.165553] bus_add_driver+0x15d/0x270 [ 272.169392] driver_register+0x65/0x110 [ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698] [ 272.182617] do_one_initcall+0x110/0x350 [ 272.186543] ? security_kernfs_init_security+0x49/0xd0 [ 272.191682] ? __kernfs_new_node+0x1b9/0x240 [ 272.195954] ? security_kernfs_init_security+0x49/0xd0 [ 272.201093] ? __kernfs_new_node+0x1b9/0x240 [ 272.205365] ? kernfs_link_sibling+0x105/0x130 [ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0 [ 272.214773] ? kernfs_activate+0x57/0x70 [ 272.218699] ? kernfs_add_one+0x118/0x160 [ 272.222710] ? __kernfs_create_file+0x71/0xa0 [ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110 [ 272.232033] ? internal_create_group+0x453/0x4a0 [ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0 [ 272.241355] ? __free_frozen_pages+0x1dc/0x420 [ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0 [ 272.250505] ? load_module+0x1509/0x16f0 [ 272.254431] do_init_module+0x60/0x230 [ 272.258181] __se_sys_finit_module+0x27a/0x370 [ 272.262627] do_syscall_64+0x6a/0xf0 [ 272.266206] ? do_syscall_64+0x76/0xf0 [ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90 [ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d [ 272.279887] RIP: 0033:0x7b9309168d39 [ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8 [ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000 ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37782 - Linux HFS slub Out-of-Bounds Write

CVE ID : CVE-2025-37782
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key Syzbot reported an issue in hfs subsystem: BUG: KASAN: slab-out-of-bounds in memcpy_from_page include/linux/highmem.h:423 [inline] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read fs/hfs/bnode.c:35 [inline] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 Write of size 94 at addr ffff8880123cd100 by task syz-executor237/5102 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 memcpy_from_page include/linux/highmem.h:423 [inline] hfs_bnode_read fs/hfs/bnode.c:35 [inline] hfs_bnode_read_key+0x314/0x450 fs/hfs/bnode.c:70 hfs_brec_insert+0x7f3/0xbd0 fs/hfs/brec.c:159 hfs_cat_create+0x41d/0xa50 fs/hfs/catalog.c:118 hfs_mkdir+0x6c/0xe0 fs/hfs/dir.c:232 vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257 do_mkdirat+0x264/0x3a0 fs/namei.c:4280 __do_sys_mkdir fs/namei.c:4300 [inline] __se_sys_mkdir fs/namei.c:4298 [inline] __x64_sys_mkdir+0x6c/0x80 fs/namei.c:4298 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbdd6057a99 Add a check for key length in hfs_bnode_read_key to prevent out-of-bounds memory access. If the key length is invalid, the key buffer is cleared, improving stability and reliability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37783 - Linux Kernel drm/msm Error Pointer Dereference Vulnerability

CVE ID : CVE-2025-37783
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check The function dpu_plane_virtual_atomic_check was dereferencing pointers returned by drm_atomic_get_plane_state without checking for errors. This could lead to undefined behavior if the function returns an error pointer. This commit adds checks using IS_ERR to ensure that plane_state is valid before dereferencing them. Similar to commit da29abe71e16 ("drm/amd/display: Fix error pointers in amdgpu_dm_crtc_mem_type_changed"). Patchwork: https://patchwork.freedesktop.org/patch/643132/
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37784 - Linux Kernel Ti Net IEP NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-37784
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. Currently when disabling pps and perout signals during icss_iep_exit(), results in NULL pointer dereference for perout. To fix the null pointer dereference issue, the icss_iep_perout_enable_hw function can be modified to directly clear the IEP CMP registers when disabling PPS or PEROUT, without referencing the ptp_perout_request structure, as its contents are irrelevant in this case.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37786 - Linux Kernel DSA Net Use-After-Free Vulnerability

CVE ID : CVE-2025-37786
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the last switch of the tree which is successfully probing, and we should be setting up all switches from our probe path. After "complete" becomes true, dsa_tree_setup_cpu_ports() or any subsequent function may fail. If that happens, the entire tree setup is in limbo: the first N-1 switches have successfully finished probing (doing nothing but having allocated persistent memory in the tree's dst->ports, and maybe dst->rtable), and switch N failed to probe, ending the tree setup process before anything is tangible from the user's PoV. If switch N fails to probe, its memory (ports) will be freed and removed from dst->ports. However, the dst->rtable elements pointing to its ports, as created by dsa_link_touch(), will remain there, and will lead to use-after-free if dereferenced. If dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely possible because that is where ds->ops->setup() is, we get a kasan report like this: ================================================================== BUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568 Read of size 8 at addr ffff000004f56020 by task kworker/u8:3/42 Call trace: __asan_report_load8_noabort+0x20/0x30 mv88e6xxx_setup_upstream_port+0x240/0x568 mv88e6xxx_setup+0xebc/0x1eb0 dsa_register_switch+0x1af4/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350 Allocated by task 42: __kasan_kmalloc+0x84/0xa0 __kmalloc_cache_noprof+0x298/0x490 dsa_switch_touch_ports+0x174/0x3d8 dsa_register_switch+0x800/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350 Freed by task 42: __kasan_slab_free+0x48/0x68 kfree+0x138/0x418 dsa_register_switch+0x2694/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350 The simplest way to fix the bug is to delete the routing table in its entirety. dsa_tree_setup_routing_table() has no problem in regenerating it even if we deleted links between ports other than those of switch N, because dsa_link_touch() first checks whether the port pair already exists in dst->rtable, allocating if not. The deletion of the routing table in its entirety already exists in dsa_tree_teardown(), so refactor that into a function that can also be called from the tree setup error path. In my analysis of the commit to blame, it is the one which added dsa_link elements to dst->rtable. Prior to that, each switch had its own ds->rtable which is freed when the switch fails to probe. But the tree is potentially persistent memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37787 - Linux Kernel - DSA MV88E6XXX Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37787
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver: https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/ The crash seems to be in devlink_region_destroy(), which is not NULL tolerant but is given a NULL devlink global region pointer. At least on some chips, some devlink regions are conditionally registered since the blamed commit, see mv88e6xxx_setup_devlink_regions_global(): if (cond && !cond(chip)) continue; These are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip does not have an STU or PVT, it should crash like this. To fix the issue, avoid unregistering those regions which are NULL, i.e. were skipped at mv88e6xxx_setup_devlink_regions_global() time.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37788 - "CXGB4 Memory Leak Vulnerability"

CVE ID : CVE-2025-37788
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path In the for loop used to allocate the loc_array and bmap for each port, a memory leak is possible when the allocation for loc_array succeeds, but the allocation for bmap fails. This is because when the control flow goes to the label free_eth_finfo, only the allocations starting from (i-1)th iteration are freed. Fix that by freeing the loc_array in the bmap allocation error path.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37789 - OpenvSwitch Netlink Attribute Length Validation Vulnerability

CVE ID : CVE-2025-37789
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37790 - "Linux Net MCTP Socket RCU Free Vulnerability"

CVE ID : CVE-2025-37790
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37791 - Dell PowerEdge ethtool Stack Corruption Vulnerability

CVE ID : CVE-2025-37791
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() rpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct size of rpl is sizeof(*rpl) which should be just 1 byte. Using the pointer size instead can cause stack corruption: Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100 CPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G OE 6.11.0 #24 Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Hardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023 Workqueue: events module_flash_fw_work Call Trace: panic+0x339/0x360 ? ethtool_cmis_wait_for_cond+0xf4/0x100 ? __pfx_status_success+0x10/0x10 ? __pfx_status_fail+0x10/0x10 __stack_chk_fail+0x10/0x10 ethtool_cmis_wait_for_cond+0xf4/0x100 ethtool_cmis_cdb_execute_cmd+0x1fc/0x330 ? __pfx_status_fail+0x10/0x10 cmis_cdb_module_features_get+0x6d/0xd0 ethtool_cmis_cdb_init+0x8a/0xd0 ethtool_cmis_fw_update+0x46/0x1d0 module_flash_fw_work+0x17/0xa0 process_one_work+0x179/0x390 worker_thread+0x239/0x340 ? __pfx_worker_thread+0x10/0x10 kthread+0xcc/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2d/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37792 - Linux Bluetooth btrtl NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-37792
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtl_initialize() function checks that rtl_load_file() either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not set correctly. It results in an error pointer vs NULL bug, followed by a NULL pointer dereference. This was detected by Smatch: drivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to 'ERR_PTR'
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37793 - Intel ASoC avs Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-37793
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, avs_component_probe() does not check for this case, which results in a NULL pointer dereference.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37794 - "Qualcomm Atheros Linux Wi-Fi Driver NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-37794
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211_do_stop() After ieee80211_do_stop() SKB from vif's txq could still be processed. Indeed another concurrent vif schedule_and_wake_txq call could cause those packets to be dequeued (see ieee80211_handle_wake_tx_queue()) without checking the sdata current state. Because vif.drv_priv is now cleared in this function, this could lead to driver crash. For example in ath12k, ahvif is store in vif.drv_priv. Thus if ath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif->ah can be NULL, leading the ath12k_warn(ahvif->ah,...) call in this function to trigger the NULL deref below. Unable to handle kernel paging request at virtual address dfffffc000000001 KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] batman_adv: bat0: Interface deactivated: brbh1337 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [dfffffc000000001] address between user and kernel address ranges Internal error: Oops: 0000000096000004 [#1] SMP CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114 Hardware name: HW (DT) pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k] sp : ffffffc086ace450 x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4 x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0 x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958 x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8 x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03 x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40 x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0 x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001 x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008 Call trace: ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P) ieee80211_handle_wake_tx_queue+0x16c/0x260 ieee80211_queue_skb+0xeec/0x1d20 ieee80211_tx+0x200/0x2c8 ieee80211_xmit+0x22c/0x338 __ieee80211_subif_start_xmit+0x7e8/0xc60 ieee80211_subif_start_xmit+0xc4/0xee0 __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0 ieee80211_subif_start_xmit_8023+0x124/0x488 dev_hard_start_xmit+0x160/0x5a8 __dev_queue_xmit+0x6f8/0x3120 br_dev_queue_push_xmit+0x120/0x4a8 __br_forward+0xe4/0x2b0 deliver_clone+0x5c/0xd0 br_flood+0x398/0x580 br_dev_xmit+0x454/0x9f8 dev_hard_start_xmit+0x160/0x5a8 __dev_queue_xmit+0x6f8/0x3120 ip6_finish_output2+0xc28/0x1b60 __ip6_finish_output+0x38c/0x638 ip6_output+0x1b4/0x338 ip6_local_out+0x7c/0xa8 ip6_send_skb+0x7c/0x1b0 ip6_push_pending_frames+0x94/0xd0 rawv6_sendmsg+0x1a98/0x2898 inet_sendmsg+0x94/0xe0 __sys_sendto+0x1e4/0x308 __arm64_sys_sendto+0xc4/0x140 do_el0_svc+0x110/0x280 el0_svc+0x20/0x60 el0t_64_sync_handler+0x104/0x138 el0t_64_sync+0x154/0x158 To avoid that, empty vif's txq at ieee80211_do_stop() so no packet could be dequeued after ieee80211_do_stop() (new packets cannot be queued because SDATA_STATE_RUNNING is cleared at this point).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37795 - Linux Kernel wifi ath11k Use After Free

CVE ID : CVE-2025-37795
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() The ieee80211 skb control block key (set when skb was queued) could have been removed before ieee80211_tx_dequeue() call. ieee80211_tx_dequeue() already called ieee80211_tx_h_select_key() to get the current key, but the latter do not update the key in skb control block in case it is NULL. Because some drivers actually use this key in their TX callbacks (e.g. ath1{1,2}k_mac_op_tx()) this could lead to the use after free below: BUG: KASAN: slab-use-after-free in ath11k_mac_op_tx+0x590/0x61c Read of size 4 at addr ffffff803083c248 by task kworker/u16:4/1440 CPU: 3 UID: 0 PID: 1440 Comm: kworker/u16:4 Not tainted 6.13.0-ge128f627f404 #2 Hardware name: HW (DT) Workqueue: bat_events batadv_send_outstanding_bcast_packet Call trace: show_stack+0x14/0x1c (C) dump_stack_lvl+0x58/0x74 print_report+0x164/0x4c0 kasan_report+0xac/0xe8 __asan_report_load4_noabort+0x1c/0x24 ath11k_mac_op_tx+0x590/0x61c ieee80211_handle_wake_tx_queue+0x12c/0x1c8 ieee80211_queue_skb+0xdcc/0x1b4c ieee80211_tx+0x1ec/0x2bc ieee80211_xmit+0x224/0x324 __ieee80211_subif_start_xmit+0x85c/0xcf8 ieee80211_subif_start_xmit+0xc0/0xec4 dev_hard_start_xmit+0xf4/0x28c __dev_queue_xmit+0x6ac/0x318c batadv_send_skb_packet+0x38c/0x4b0 batadv_send_outstanding_bcast_packet+0x110/0x328 process_one_work+0x578/0xc10 worker_thread+0x4bc/0xc7c kthread+0x2f8/0x380 ret_from_fork+0x10/0x20 Allocated by task 1906: kasan_save_stack+0x28/0x4c kasan_save_track+0x1c/0x40 kasan_save_alloc_info+0x3c/0x4c __kasan_kmalloc+0xac/0xb0 __kmalloc_noprof+0x1b4/0x380 ieee80211_key_alloc+0x3c/0xb64 ieee80211_add_key+0x1b4/0x71c nl80211_new_key+0x2b4/0x5d8 genl_family_rcv_msg_doit+0x198/0x240 <...> Freed by task 1494: kasan_save_stack+0x28/0x4c kasan_save_track+0x1c/0x40 kasan_save_free_info+0x48/0x94 __kasan_slab_free+0x48/0x60 kfree+0xc8/0x31c kfree_sensitive+0x70/0x80 ieee80211_key_free_common+0x10c/0x174 ieee80211_free_keys+0x188/0x46c ieee80211_stop_mesh+0x70/0x2cc ieee80211_leave_mesh+0x1c/0x60 cfg80211_leave_mesh+0xe0/0x280 cfg80211_leave+0x1e0/0x244 <...> Reset SKB control block key before calling ieee80211_tx_h_select_key() to avoid that.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-37796 - "Linux Kernel WiFi at76c50x Use After Free"

CVE ID : CVE-2025-37796
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use after free access in at76_disconnect The memory pointed to by priv is freed at the end of at76_delete_device function (using ieee80211_free_hw). But the code then accesses the udev field of the freed object to put the USB device. This may also lead to a memory leak of the usb device. Fix this by using udev from interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-44835 - D-Link DIR-816 Command Injection Vulnerability

CVE ID : CVE-2025-44835
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-44854 - Totolink CP900 Command Injection Vulnerability

CVE ID : CVE-2025-44854
Published : May 1, 2025, 2:15 p.m. | 22 minutes ago
Description : Totolink CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 14:15:00 GMT

read more

CVE-2025-1529 - WordPress AM LottiePlayer Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1529
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : The AM LottiePlayer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded lottie files in all versions up to, and including, 3.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-3874 - WordPress Simple Shopping Cart Insecure Direct Object Reference

CVE ID : CVE-2025-3874
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. This makes it possible for unauthenticated attackers to access customer shopping carts and edit product links, add or delete products, and discover coupon codes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-3889 - WordPress Simple Shopping Cart Insecure Direct Object Reference

CVE ID : CVE-2025-3889
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payment_data' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to change the quantity of a product to a negative number, which subtracts the product cost from the total order cost. The attack will only work with Manual Checkout mode, as PayPal and Stripe will not process payments for a negative quantity.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-3890 - WordPress Simple Shopping Cart Stored Cross-Site Scripting

CVE ID : CVE-2025-3890
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-4163 - PHPGurukul Land Record System SQL Injection Vulnerability

CVE ID : CVE-2025-4163
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-4164 - PHPGurukul Employee Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4164
Published : May 1, 2025, 12:15 p.m. | 21 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 12:15:00 GMT

read more

CVE-2025-27007 - Brainstorm Force SureTriggers Privilege Escalation Vulnerability

CVE ID : CVE-2025-27007
Published : May 1, 2025, 11:15 a.m. | 1 hour, 21 minutes ago
Description : Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 11:15:00 GMT

read more

CVE-2025-4161 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4161
Published : May 1, 2025, 11:15 a.m. | 1 hour, 21 minutes ago
Description : A vulnerability classified as critical has been found in PCMan FTP Server up to 2.0.7. This affects an unknown part of the component VERBOSE Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 11:15:00 GMT

read more

CVE-2025-4162 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4162
Published : May 1, 2025, 11:15 a.m. | 1 hour, 21 minutes ago
Description : A vulnerability classified as critical was found in PCMan FTP Server up to 2.0.7. This vulnerability affects unknown code of the component ASCII Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 11:15:00 GMT

read more

CVE-2025-4159 - PCMan FTP Server GLOB Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4159
Published : May 1, 2025, 10:15 a.m. | 2 hours, 21 minutes ago
Description : A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 10:15:00 GMT

read more

CVE-2025-4160 - PCMan FTP Server LS Command Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-4160
Published : May 1, 2025, 10:15 a.m. | 2 hours, 21 minutes ago
Description : A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 10:15:00 GMT

read more

CVE-2025-4157 - PHPGurukul Boat Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-4157
Published : May 1, 2025, 9:15 a.m. | 3 hours, 21 minutes ago
Description : A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-details.php. The manipulation of the argument Status leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 09:15:00 GMT

read more

CVE-2025-4158 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4158
Published : May 1, 2025, 9:15 a.m. | 3 hours, 21 minutes ago
Description : A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been classified as critical. Affected is an unknown function of the component PROMPT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 09:15:00 GMT

read more

CVE-2025-47154 - Ladybird LibJS Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-47154
Published : May 1, 2025, 8:15 a.m. | 4 hours, 21 minutes ago
Description : LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for use by developers."
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 08:15:00 GMT

read more

CVE-2025-4155 - PHPGurukul Boat Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-4155
Published : May 1, 2025, 8:15 a.m. | 4 hours, 21 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/edit-boat.php. The manipulation of the argument bid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 08:15:00 GMT

read more

CVE-2025-4156 - PHPGurukul Boat Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-4156
Published : May 1, 2025, 8:15 a.m. | 4 hours, 21 minutes ago
Description : A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-image.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 08:15:00 GMT

read more

CVE-2025-3521 - "WordPress Team Members Stored Cross-Site Scripting"

CVE ID : CVE-2025-3521
Published : May 1, 2025, 7:15 a.m. | 5 hours, 21 minutes ago
Description : The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social Link icons in all versions up to, and including, 3.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 07:15:00 GMT

read more

CVE-2025-47153 - "Nodejs libuv Out-of-Bounds Access Vulnerability"

CVE ID : CVE-2025-47153
Published : May 1, 2025, 7:15 a.m. | 5 hours, 21 minutes ago
Description : Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-1_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on i386 Debian always uses _FILE_OFFSET_BITS=64 for the libuv dynamic library, but uses the _FILE_OFFSET_BITS global system default of 32 for nodejs), leading to out-of-bounds access. NOTE: this is not a problem in the Node.js software itself. In particular, the Node.js website's download page does not offer prebuilt Node.js for Linux on i386.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 07:15:00 GMT

read more

CVE-2025-4100 - Nautic Pages WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-4100
Published : May 1, 2025, 7:15 a.m. | 5 hours, 21 minutes ago
Description : The Nautic Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'np_marinetraffic_map' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 07:15:00 GMT

read more

CVE-2025-4153 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4153
Published : May 1, 2025, 7:15 a.m. | 5 hours, 21 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Park Ticketing Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 07:15:00 GMT

read more

CVE-2025-4154 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-4154
Published : May 1, 2025, 7:15 a.m. | 5 hours, 21 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this issue is some unknown functionality of the file /admin/enrollment-details.php. The manipulation of the argument Status leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 07:15:00 GMT

read more

CVE-2025-3503 - "WP Maps Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3503
Published : May 1, 2025, 6:15 a.m. | 6 hours, 21 minutes ago
Description : The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2025-3504 - WP Maps Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3504
Published : May 1, 2025, 6:15 a.m. | 6 hours, 21 minutes ago
Description : The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2025-4151 - PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4151
Published : May 1, 2025, 6:15 a.m. | 6 hours, 21 minutes ago
Description : A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2025-4152 - PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

CVE ID : CVE-2025-4152
Published : May 1, 2025, 6:15 a.m. | 6 hours, 21 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Online Birth Certificate System 1.0. Affected is an unknown function of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2024-13381 - WordPress Calculated Fields Form Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-13381
Published : May 1, 2025, 6:15 a.m. | 4 hours, 33 minutes ago
Description : The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2025-3502 - WP Maps Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3502
Published : May 1, 2025, 6:15 a.m. | 4 hours, 33 minutes ago
Description : The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 06:15:00 GMT

read more

CVE-2024-13845 - WordPress Gravity Forms WebHooks SSRF

CVE ID : CVE-2024-13845
Published : May 1, 2025, 5:15 a.m. | 5 hours, 33 minutes ago
Description : The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'process_feed' method of the GF_Webhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 05:15:00 GMT

read more

CVE-2025-3952 - Projectopia WordPress Project Management Unauthenticated Option Deletion

CVE ID : CVE-2025-3952
Published : May 1, 2025, 5:15 a.m. | 5 hours, 33 minutes ago
Description : The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'pto_remove_logo' function in all versions up to, and including, 5.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary option values on the WordPress site. This can be leveraged to delete an option that would create an error on the site and deny service to legitimate users.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 05:15:00 GMT

read more

CVE-2025-4099 - WordPress List Children Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4099
Published : May 1, 2025, 5:15 a.m. | 5 hours, 33 minutes ago
Description : The List Children plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list_children' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 05:15:00 GMT

read more

CVE-2025-4150 - Netgear EX6200 Remote Buffer Overflow

CVE ID : CVE-2025-4150
Published : May 1, 2025, 5:15 a.m. | 5 hours, 33 minutes ago
Description : A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 05:15:00 GMT

read more

CVE-2025-2168 - Elementor Store Kit CSRF

CVE ID : CVE-2025-2168
Published : May 1, 2025, 4:16 a.m. | 6 hours, 32 minutes ago
Description : The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.1. This is due to missing or incorrect nonce validation on the dismiss() function. This makes it possible for unauthenticated attackers to set arbitrary user meta values to `1` which can be leveraged to lock and administrator out of their site via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 04:16:00 GMT

read more

CVE-2025-4148 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4148
Published : May 1, 2025, 4:16 a.m. | 6 hours, 32 minutes ago
Description : A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 04:16:00 GMT

read more

CVE-2025-4149 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4149
Published : May 1, 2025, 4:16 a.m. | 6 hours, 32 minutes ago
Description : A vulnerability was found in Netgear EX6200 1.0.3.94. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 04:16:00 GMT

read more

CVE-2025-1304 - NewsBlogger for WordPress Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-1304
Published : May 1, 2025, 4:16 a.m. | 4 hours, 20 minutes ago
Description : The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the newsblogger_install_and_activate_plugin() function in all versions up to, and including, 0.2.5.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 04:16:00 GMT

read more

CVE-2025-1305 - NewsBlogger WordPress CSRF Remote Code Execution Vulnerability

CVE ID : CVE-2025-1305
Published : May 1, 2025, 4:16 a.m. | 4 hours, 20 minutes ago
Description : The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.5.4. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 04:16:00 GMT

read more

CVE-2025-2816 - WordPress Page View Count Unauthorized Data Modification Vulnerability

CVE ID : CVE-2025-2816
Published : May 1, 2025, 3:15 a.m. | 5 hours, 21 minutes ago
Description : The Page View Count plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the yellow_message_dontshow() function in versions 2.8.0 to 2.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to one on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 03:15:00 GMT

read more

CVE-2025-4147 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4147
Published : May 1, 2025, 2:15 a.m. | 6 hours, 21 minutes ago
Description : A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this vulnerability is the function sub_47F7C. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 02:15:00 GMT

read more

CVE-2025-4146 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4146
Published : May 1, 2025, 2:15 a.m. | 4 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 02:15:00 GMT

read more

CVE-2025-4143 - Cloudflare Workers-OAuth-Provider OAuth Redirect URI Validation Bypass

CVE ID : CVE-2025-4143
Published : May 1, 2025, 1:15 a.m. | 5 hours, 33 minutes ago
Description : The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirect_uri was on the allowed list of redirect URIs for the given client registration. Fixed in:  https://github.com/cloudflare/workers-oauth-provider/pull/26 https://github.com/cloudflare/workers-oauth-provider/pull/26 Impact: Under certain circumstances (see below), if a victim had previously authorized with a server built on workers-oath-provider, and an attacker could later trick the victim into visiting a malicious web site, then attacker could potentially steal the victim's credentials to the same OAuth server and subsequently impersonate them. In order for the attack to be possible, the OAuth server's authorized callback must be designed to auto-approve authorizations that appear to come from an OAuth client that the victim has authorized previously. The authorization flow is not implemented by workers-oauth-provider; it is up to the application built on top to decide whether to implement such automatic re-authorization. However, many applications do implement such logic. Note: It is a basic, well-known requirement that OAuth servers should verify that the redirect URI is among the allowed list for the client, both during the authorization flow and subsequently when exchanging the authorization code for an access token. workers-oauth-provider implemented only the latter check, not the former. Unfortunately, the former is the much more important check. Readers who are familiar with OAuth may recognize that failing to check redirect URIs against the allowed list is a well-known, basic mistake, covered extensively in the RFC and elsewhere. The author of this library would like everyone to know that he was, in fact, well-aware of this requirement, thought about it a lot while designing the library, and then, somehow, forgot to actually make sure the check was in the code. That is, it's not that he didn't know what he was doing, it's that he knew what he was doing but flubbed it.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 01:15:00 GMT

read more

CVE-2025-4144 - Cloudflare Workers-Oauth-Provider PKCE Bypass

CVE ID : CVE-2025-4144
Published : May 1, 2025, 1:15 a.m. | 5 hours, 33 minutes ago
Description : PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27 https://github.com/cloudflare/workers-oauth-provider/pull/27 Impact: PKCE is a defense-in-depth mechanism against certain kinds of attacks and was an optional extension in OAuth 2.0 which became required in the OAuth 2.1 draft. (Note that the MCP specification requires OAuth 2.1.). This bug completely bypasses PKCE protection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 01:15:00 GMT

read more

CVE-2025-4145 - Netgear EX6200 Remote Buffer Overflow

CVE ID : CVE-2025-4145
Published : May 1, 2025, 1:15 a.m. | 5 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. This issue affects the function sub_3D0BC. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 01 May 2025 01:15:00 GMT

read more

CVE-2025-4142 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4142
Published : April 30, 2025, 11:16 p.m. | 7 hours, 33 minutes ago
Description : A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 23:16:00 GMT

read more

CVE-2024-30146 - HCL Domino Leap Unauthenticated Server-Side File Inclusion

CVE ID : CVE-2024-30146
Published : April 30, 2025, 10:15 p.m. | 8 hours, 33 minutes ago
Description : Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2025-4140 - Netgear EX6120 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4140
Published : April 30, 2025, 10:15 p.m. | 8 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2025-4141 - Netgear EX6200 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4141
Published : April 30, 2025, 10:15 p.m. | 8 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2022-42450 - HCL Domino Volt SVG Injection Vulnerability

CVE ID : CVE-2022-42450
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2023-37517 - HCL Leap Cross-Site Scripting (XSS)

CVE ID : CVE-2023-37517
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2023-37535 - HCL Domino Volt and Domino Leap Unvalidated Request Parameter Vulnerability

CVE ID : CVE-2023-37535
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2023-45721 - HCL Leap Unauthenticated Directory Information Exposure

CVE ID : CVE-2023-45721
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Insufficient default configuration in HCL Leap allows anonymous access to directory information.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2023-4533 - Red Hat OpenShift Remote Code Execution

CVE ID : CVE-2023-4533
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. It was assigned as a duplicate of CVE-2023-52440
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2024-30115 - HCL Leap Cross-Site Scripting (XSS)

CVE ID : CVE-2024-30115
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2024-30145 - IBM HCL Domino Volt and Domino Leap Client-Side Script Injection Vulnerability

CVE ID : CVE-2024-30145
Published : April 30, 2025, 10:15 p.m. | 6 hours, 33 minutes ago
Description : Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 22:15:00 GMT

read more

CVE-2025-24132 - Apple AirPlay Local Network Denial of Service

CVE ID : CVE-2025-24132
Published : April 30, 2025, 9:15 p.m. | 7 hours, 33 minutes ago
Description : The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 21:15:00 GMT

read more

CVE-2025-30422 - AirPlay Buffer Overflow Vulnerability

CVE ID : CVE-2025-30422
Published : April 30, 2025, 9:15 p.m. | 7 hours, 33 minutes ago
Description : A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 21:15:00 GMT

read more

CVE-2025-4139 - Netgear EX6120 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4139
Published : April 30, 2025, 9:15 p.m. | 7 hours, 33 minutes ago
Description : A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Affected by this vulnerability is the function fwAcosCgiInbound. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 21:15:00 GMT

read more

CVE-2022-27562 - HCL Domino Volt HTML Injection Vulnerability

CVE ID : CVE-2022-27562
Published : April 30, 2025, 9:15 p.m. | 5 hours, 19 minutes ago
Description : Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 21:15:00 GMT

read more

CVE-2022-42449 - HCL Domino Volt HTML Injection Vulnerability

CVE ID : CVE-2022-42449
Published : April 30, 2025, 9:15 p.m. | 5 hours, 19 minutes ago
Description : Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 21:15:00 GMT

read more

CVE-2024-6032 - Tesla Model S Iris Modem Command Injection Code Execution Vulnerability

CVE ID : CVE-2024-6032
Published : April 30, 2025, 8:15 p.m. | 6 hours, 20 minutes ago
Description : Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code on the target system in order to exploit this vulnerability. The specific flaw exists within the ql_atfwd process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code on the target modem in the context of root. Was ZDI-CAN-23201.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2025-27611 - Base-x Unvalidated User Input Address Manipulation Vulnerability

CVE ID : CVE-2025-27611
Published : April 30, 2025, 8:15 p.m. | 6 hours, 20 minutes ago
Description : base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2025-2082 - Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-2082
Published : April 30, 2025, 8:15 p.m. | 6 hours, 20 minutes ago
Description : Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VCSEC module. By manipulating the certificate response sent from the Tire Pressure Monitoring System (TPMS), an attacker can trigger an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the VCSEC module and send arbitrary messages to the vehicle CAN bus. Was ZDI-CAN-23800.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2025-4136 - Weitong Mall Remote Unauthorized Access Vulnerability

CVE ID : CVE-2025-4136
Published : April 30, 2025, 8:15 p.m. | 6 hours, 20 minutes ago
Description : A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2024-13943 - Tesla Model S Iris Modem Sandbox Escape Vulnerability

CVE ID : CVE-2024-13943
Published : April 30, 2025, 8:15 p.m. | 4 hours, 19 minutes ago
Description : Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla Model S vehicles. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QCMAP_ConnectionManager component. An attacker can abuse the service to assign LAN addresses to the WWAN. An attacker can leverage this vulnerability to access network services that were only intended to be exposed to the internal LAN. Was ZDI-CAN-23199.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2024-6029 - Tesla Model S Iris Modem Firewall Bypass Vulnerability

CVE ID : CVE-2024-6029
Published : April 30, 2025, 8:15 p.m. | 4 hours, 19 minutes ago
Description : Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firewall service. The issue results from a failure to obtain the xtables lock. An attacker can leverage this vulnerability to bypass firewall rules. Was ZDI-CAN-23197.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2024-6030 - Tesla Model S oFono Privilege Escalation Vulnerability

CVE ID : CVE-2024-6030
Published : April 30, 2025, 8:15 p.m. | 4 hours, 19 minutes ago
Description : Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this vulnerability. The specific flaw exists within the oFono process. The process allows an attacker to modify interfaces. An attacker can leverage this vulnerability to bypass the iptables network sandbox. Was ZDI-CAN-23200.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2024-6031 - Tesla Model S oFono AT Command Heap Buffer Overflow Code Execution Vulnerability

CVE ID : CVE-2024-6031
Published : April 30, 2025, 8:15 p.m. | 4 hours, 19 minutes ago
Description : Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT commands. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23198.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 20:15:00 GMT

read more

CVE-2025-46558 - XWiki Contrib Markdown XSS

CVE ID : CVE-2025-46558
Published : April 30, 2025, 7:15 p.m. | 5 hours, 19 minutes ago
Description : XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting (XSS) through HTML. In particular, using Markdown syntax, it's possible for any user to embed Javascript code that will then be executed on the browser of any other user visiting either the document or the comment that contains it. In the instance that this code is executed by a user with admins or programming rights, this issue compromises the confidentiality, integrity and availability of the whole XWiki installation. This issue has been patched in version 8.9.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2024-47784 - ANC Software Password Change Bypass Vulnerability

CVE ID : CVE-2024-47784
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2024-9876 - ABB ANC/ANC-L/ANC-mini Data Tampering Vulnerability

CVE ID : CVE-2024-9876
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : : Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2024-9877 - ABB ANC, ANC-L, ANC-mini GET Request Method With Sensitive Query Strings Information Disclosure

CVE ID : CVE-2024-9877
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : : Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-24887 - OpenCTI Allow/Deny List Bypass Vulnerability

CVE ID : CVE-2025-24887
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the `external` flag on/off and change the own token value for a user. It is also possible to edit attributes that are not in the allow list, such as `otp_qr` and `otp_activated`. If external users exist in the OpenCTI setup and the information about these users identities is sensitive, the above vulnerabilities can be used to enumerate existing user accounts as a standard low privileged user. This issue has been patched in version 6.4.10.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-2170 - SMA1000 Appliance SSRF Vulnerability

CVE ID : CVE-2025-2170
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-32777 - Kubernetes Volcano Denial of Service and Privilege Escalation

CVE ID : CVE-2025-32777
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the scheduler. In the Kubernetes security model, node isolation is a security boundary, and as such an attacker is able to cross that boundary in Volcano's case if they have compromised either the vulnerable services or the pod/node in which they are deployed. The scheduler will become unavailable to other users and workloads in the cluster. The scheduler will either crash with an unrecoverable OOM panic or freeze while consuming excessive amounts of memory. This issue has been patched in versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-46331 - OpenFGA Authorization Bypass Vulnerability

CVE ID : CVE-2025-46331
Published : April 30, 2025, 7:15 p.m. | 1 hour, 19 minutes ago
Description : OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.10 to v1.3.6 (Helm chart <= openfga-0.2.28, docker <= v.1.8.10) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. This issue has been patched in version 1.8.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-46554 - XWiki Unauthenticated Attachment Metadata Disclosure

CVE ID : CVE-2025-46554
Published : April 30, 2025, 7:15 p.m. | 1 hour, 18 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.8.1 to before 14.10.22, from 15.0-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.7.0, anyone can access the metadata of any attachment in the wiki using the wiki attachment REST endpoint. There is no filtering for the results depending on current user rights, meaning an unauthenticated user could exploit this even in a private wiki. This issue has been patched in versions 14.10.22, 15.10.12, 16.4.3, and 16.7.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-46557 - XWiki Authentication Bypass Vulnerability

CVE ID : CVE-2025-46557
Published : April 30, 2025, 7:15 p.m. | 1 hour, 18 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space (by default, anyone) can access the page XWiki.Authentication.Administration and (unless an authenticator is set in xwiki.cfg) switch to another installed authenticator. Note that, by default, there is only one authenticator available (Standard XWiki Authenticator). So, if no authenticator extension was installed, it's not really possible to do anything for an attacker. Also, in most cases, if an SSO authenticator is installed and utilized (like OIDC or LDAP for example), the worst an attacker can do is break authentication by switching back to the standard authenticator (that's because it's impossible to login to a user which does not have a stored password, and that's usually what SSO authenticator produce). This issue has been patched in versions 15.10.14, 16.4.6, and 16.10.0-rc-1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 19:15:00 GMT

read more

CVE-2025-39413 - David Gwyer Simple Sitemap Missing Authorization Vulnerability

CVE ID : CVE-2025-39413
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : Missing Authorization vulnerability in David Gwyer Simple Sitemap – Create a Responsive HTML Sitemap.This issue affects Simple Sitemap – Create a Responsive HTML Sitemap: from n/a through 3.5.14.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-3269 - Red Hat Linux Remote Command Execution

CVE ID : CVE-2025-3269
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-44192 - SourceCodester Simple Barangay Management System SQL Injection Vulnerability

CVE ID : CVE-2025-44192
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-44193 - SourceCodester Simple Barangay Management System SQL Injection

CVE ID : CVE-2025-44193
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-44194 - SourceCodester Simple Barangay Management System SQL Injection Vulnerability

CVE ID : CVE-2025-44194
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-46619 - Couchbase Server File Access Vulnerability

CVE ID : CVE-2025-46619
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or /etc/shadow.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-4135 - Netgear WG302v2 Command Injection Vulnerability

CVE ID : CVE-2025-4135
Published : April 30, 2025, 6:15 p.m. | 2 hours, 19 minutes ago
Description : A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Affected by this issue is the function ui_get_input_value. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-21416 - Azure Virtual Desktop Privilege Escalation Vulnerability

CVE ID : CVE-2025-21416
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-24091 - Apple Notification Service Impersonation and Denial-of-Service Vulnerability

CVE ID : CVE-2025-24091
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-2156 - Red Hat Linux Kernel Uninitialized Memory Access

CVE ID : CVE-2025-2156
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-30389 - Azure Bot Framework SDK Authorization Bypass Vulnerability

CVE ID : CVE-2025-30389
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-30390 - Azure AzureAD Authentication Bypass

CVE ID : CVE-2025-30390
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-30391 - Microsoft Dynamics Information Disclosure Vulnerability

CVE ID : CVE-2025-30391
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-30392 - Azure Bot Framework SDK Privilege Escalation Unauthorized Access

CVE ID : CVE-2025-30392
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-33074 - Microsoft Azure Functions Cryptographic Signature Verification Bypass

CVE ID : CVE-2025-33074
Published : April 30, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 18:15:00 GMT

read more

CVE-2025-3599 - Symantec Endpoint Protection ERASER Engine Elevation of Privilege Vulnerability

CVE ID : CVE-2025-3599
Published : April 30, 2025, 5:15 p.m. | 1 hour, 23 minutes ago
Description : Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 17:15:00 GMT

read more

CVE-2025-3859 - Focus URL Truncation Vulnerability

CVE ID : CVE-2025-3859
Published : April 30, 2025, 5:15 p.m. | 1 hour, 23 minutes ago
Description : Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage This vulnerability affects Focus < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 17:15:00 GMT

read more

CVE-2025-32376 - Discourse DM Privilege Escalation Vulnerability

CVE ID : CVE-2025-32376
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus giving the ability to potentially create a DM with every user from a site in it. This issue has been patched in stable version 3.4.3 and beta version 3.5.0.beta3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-32970 - XWiki Open Redirect Vulnerability

CVE ID : CVE-2025-32970
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 13.5-rc-1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0, an open redirect vulnerability in the HTML conversion request filter allows attackers to construct URLs on an XWiki instance that redirects to any URL. This issue has been patched in versions 15.10.13, 16.4.4, and 16.8.0.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-32971 - XWiki Solr Script Service Privilege Escalation

CVE ID : CVE-2025-32971
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 4.5.1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the Solr script service doesn't take dropped programming rights into account. The Solr script service that is accessible in XWiki's scripting API normally requires programming rights to be called. Due to using the wrong API for checking rights, it doesn't take the fact into account that programming rights might have been dropped by calling `$xcontext.dropPermissions()`. If some code relies on this for the safety of executing Velocity code with the wrong author context, this could allow a user with script rights to either cause a high load by indexing documents or to temporarily remove documents from the search index. This issue has been patched in versions 15.10.13, 16.4.4, and 16.8.0-rc-1.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-32972 - XWiki LESS Compiler Script Privilege Escalation Vulnerability

CVE ID : CVE-2025-32972
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cleaning API, making it possible to clean the cache without having programming right. The only impact of this is a slowdown in XWiki execution as the caches are re-filled. As this vulnerability requires script right to exploit, and script right already allows unlimited execution of scripts, the additional impact due to this vulnerability is low. This issue has been patched in versions 15.10.12, 16.4.3, and 16.8.0-rc-1.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-32973 - XWiki Privilege Escalation Vulnerability

CVE ID : CVE-2025-32973
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, when a user with programming rights edits a document in XWiki that was last edited by a user without programming rights and contains an XWiki.ComponentClass, there is no warning that this will grant programming rights to this object. An attacker who created such a malicious object could use this to gain programming rights on the wiki. For this, the attacker needs to have edit rights on at least one page to place this object and then get an admin user to edit that document. This issue has been patched in versions 15.10.12, 16.4.3, and 16.8.0-rc-1.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-32974 - XWiki Cross-Site Scripting (XSS) and Privilege Escalation Vulnerability

CVE ID : CVE-2025-32974
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn't consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page like a script macro that would gain more rights due to the editing. This analysis doesn't consider certain kinds of properties, allowing a user to put malicious scripts in there that will be executed after a user with script, admin, or programming rights edited the page. Such a malicious script could impact the confidentiality, integrity and availability of the whole XWiki installation. This issue has been patched in versions 15.10.8 and 16.2.0.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-46342 - Kyverno Namespace Selector Bypass Vulnerability

CVE ID : CVE-2025-46342
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selector(s) in their match statements are mistakenly not applied during admission review request processing due to a missing error propagation in function `GetNamespaceSelectorsFromNamespaceLister` in `pkg/utils/engine/labels.go`. As a consequence, security-critical mutations and validations are bypassed, potentially allowing attackers with K8s API access to perform malicious operations. This issue has been patched in versions 1.13.5 and 1.14.0.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-4122 - Netgear JWNR2000 Command Injection Vulnerability

CVE ID : CVE-2025-4122
Published : April 30, 2025, 3:16 p.m. | 3 hours, 23 minutes ago
Description : A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-27134 - Joplin Privilege Escalation Vulnerability

CVE ID : CVE-2025-27134
Published : April 30, 2025, 3:16 p.m. | 3 hours, 8 minutes ago
Description : Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, a privilege escalation vulnerability exists in the Joplin server, allowing non-admin users to exploit the API endpoint `PATCH /api/users/:id` to set the `is_admin` field to 1. The vulnerability allows malicious low-privileged users to perform administrative actions without proper authorization. This issue has been patched in version 3.3.3.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-27409 - Joplin Server Path Traversal Vulnerability

CVE ID : CVE-2025-27409
Published : April 30, 2025, 3:16 p.m. | 3 hours, 8 minutes ago
Description : Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, path traversal is possible in Joplin Server if static file path starts with `css/pluginAssets` or `js/pluginAssets`. The `findLocalFile` function in the `default route` calls `localFileFromUrl` to check for special `pluginAssets` paths. If the function returns a path, the result is returned directly, without checking for path traversal. The vulnerability allows attackers to read files outside the intended directories. This issue has been patched in version 3.3.3.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 15:16:00 GMT

read more

CVE-2025-45009 - PHPGurukul Park Ticketing Management System HTML Injection

CVE ID : CVE-2025-45009
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A HTML Injection vulnerability was discovered in the normal-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata parameter.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45010 - PHPGurukul Park Ticketing Management System HTML Injection

CVE ID : CVE-2025-45010
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A HTML Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the fromdate and todate POST request parameters.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45011 - "PHPGurukul Park Ticketing Management System HTML Injection Vulnerability"

CVE ID : CVE-2025-45011
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A HTML Injection vulnerability was discovered in the foreigner-search.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the searchdata POST request parameter.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45015 - PHPGurukul Park Ticketing Management System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-45015
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A Cross-Site Scripting (XSS) vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. The vulnerability allows remote attackers to inject arbitrary JavaScript code via the fromdate and todate parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45017 - PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-45017
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45018 - PHPGurukul Park Ticketing Management System SQL Injection

CVE ID : CVE-2025-45018
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45019 - PHPGurukul Park Ticketing Management System SQL Injection

CVE ID : CVE-2025-45019
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the cprice POST request parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-45021 - PHPGurukul Directory Management System SQL Injection

CVE ID : CVE-2025-45021
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Attackers can exploit this vulnerability via the email parameter in a POST request to execute arbitrary SQL commands.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-4118 - Weitong Mall Product History Handler Improper Access Controls Vulnerability

CVE ID : CVE-2025-4118
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-4119 - Weitong Mall Product Statistics Handler Improper Access Controls

CVE ID : CVE-2025-4119
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-4120 - Netgear JWNR2000 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-4120
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-4121 - Netgear JWNR2000v2 Command Injection Vulnerability

CVE ID : CVE-2025-4121
Published : April 30, 2025, 2:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 14:15:00 GMT

read more

CVE-2025-4117 - Netgear JWNR2000 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4117
Published : April 30, 2025, 1:15 p.m. | 5 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, was found in Netgear JWNR2000v2 1.0.0.11. This affects the function sub_41A914. The manipulation of the argument host leads to buffer overflow. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-4115 - Netgear JWNR2000v2 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4115
Published : April 30, 2025, 1:15 p.m. | 3 hours, 8 minutes ago
Description : A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Affected by this vulnerability is the function default_version_is_new. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-4116 - Netgear JWNR2000 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4116
Published : April 30, 2025, 1:15 p.m. | 3 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Affected by this issue is the function get_cur_lang_ver. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-3394 - ABB Automation Builder Improper Privilege Management

CVE ID : CVE-2025-3394
Published : April 30, 2025, 1:15 p.m. | 1 hour, 18 minutes ago
Description : Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-3395 - ABB Automation Builder Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information

CVE ID : CVE-2025-3395
Published : April 30, 2025, 1:15 p.m. | 1 hour, 18 minutes ago
Description : Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-45007 - PHPGurukul Timetable Generator System Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-45007
Published : April 30, 2025, 1:15 p.m. | 1 hour, 18 minutes ago
Description : A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile.php file of PHPGurukul Timetable Generator System v1.0. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the adminname POST request parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-45020 - PHPGurukul Park Ticketing Management System SQL Injection

CVE ID : CVE-2025-45020
Published : April 30, 2025, 1:15 p.m. | 1 hour, 18 minutes ago
Description : A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 13:15:00 GMT

read more

CVE-2025-24348 - CtrlX OS Network Interfaces HTTP Request Manipulation Vulnerability

CVE ID : CVE-2025-24348
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the wireless network configuration file via a crafted HTTP request.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24349 - CtrlX OS Network Interfaces HTTP Request Deletion Vulnerability

CVE ID : CVE-2025-24349
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to delete the configuration of physical network interfaces via a crafted HTTP request.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24350 - CtrlX OS Certificates and Keys Arbitrary File Write Vulnerability

CVE ID : CVE-2025-24350
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24351 - CtrlX OS Remote Command Execution Vulnerability

CVE ID : CVE-2025-24351
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-27532 - "ctrlX OS Web Application Backup Restore Authentication Bypass"

CVE ID : CVE-2025-27532
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-4114 - Netgear JWNR2000 Buffer Overflow Vulnerability

CVE ID : CVE-2025-4114
Published : April 30, 2025, 12:15 p.m. | 2 hours, 18 minutes ago
Description : A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Affected is the function check_language_file. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24341 - CtrlX OS HTTP Request Flood Denial-of-Service Vulnerability

CVE ID : CVE-2025-24341
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24342 - CtrlX OS Username Guessing Information Disclosure Vulnerability

CVE ID : CVE-2025-24342
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24343 - CtrlX OS File Write Vulnerability

CVE ID : CVE-2025-24343
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24344 - CtrlX OS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-24344
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user's browser via a crafted HTTP request.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24345 - CtrlX OS Hosts File Manipulation Remote File Inclusion Vulnerability

CVE ID : CVE-2025-24345
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the “hosts” file in an unintended manner via a crafted HTTP request.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24346 - CtrlX OS Proxy Environment Variable Manipulation Vulnerability

CVE ID : CVE-2025-24346
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to manipulate the “/etc/environment” file via a crafted HTTP request.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24347 - CtrlX OS Network Interfaces HTTP Request Manipulation Vulnerability

CVE ID : CVE-2025-24347
Published : April 30, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file via a crafted HTTP request.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 12:15:00 GMT

read more

CVE-2025-24338 - CtrlX OS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-24338
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-24339 - CtrlX OS HTTP Request Manipulation Vulnerability

CVE ID : CVE-2025-24339
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-24340 - CtrlX OS Password Disclosure Vulnerability

CVE ID : CVE-2025-24340
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-4110 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-4110
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-teacher.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-4111 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-4111
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/visitor-details.php. The manipulation of the argument Status leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-4112 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-4112
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability was found in PHPGurukul Student Record System 3.20. It has been declared as critical. This vulnerability affects unknown code of the file /add-course.php. The manipulation of the argument course-short leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-4113 - PHPGurukul Curfew e-Pass Management System SQL Injection

CVE ID : CVE-2025-4113
Published : April 30, 2025, 11:15 a.m. | 1 hour, 22 minutes ago
Description : A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit-pass-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 11:15:00 GMT

read more

CVE-2025-4108 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-4108
Published : April 30, 2025, 10:15 a.m. | 2 hours, 22 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /add-subject.php. The manipulation of the argument sub1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 10:15:00 GMT

read more

CVE-2025-4109 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-4109
Published : April 30, 2025, 10:15 a.m. | 2 hours, 22 minutes ago
Description : A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-subadmin.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 10:15:00 GMT

read more

CVE-2025-2890 - TagDiv Opt-In Builder WordPress SQL Injection

CVE ID : CVE-2025-2890
Published : April 30, 2025, 9:15 a.m. | 3 hours, 22 minutes ago
Description : The tagDiv Opt-In Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘subscriptionCouponId’ parameter in all versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 09:15:00 GMT

read more

CVE-2025-4124 - Delta Electronics ISPSoft Out-Of-Bounds Write Vulnerability

CVE ID : CVE-2025-4124
Published : April 30, 2025, 9:15 a.m. | 3 hours, 22 minutes ago
Description : Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 09:15:00 GMT

read more

CVE-2025-4125 - Delta Electronics ISPSoft Out-Of-Bounds Write Vulnerability

CVE ID : CVE-2025-4125
Published : April 30, 2025, 9:15 a.m. | 3 hours, 22 minutes ago
Description : Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing ISP file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 09:15:00 GMT

read more

CVE-2025-22882 - Delta Electronics ISPSoft Buffer Overflow

CVE ID : CVE-2025-22882
Published : April 30, 2025, 8:15 a.m. | 2 hours, 8 minutes ago
Description : Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 08:15:00 GMT

read more

CVE-2025-22883 - Delta Electronics ISPSoft Out-Of-Bounds Write Vulnerability

CVE ID : CVE-2025-22883
Published : April 30, 2025, 8:15 a.m. | 2 hours, 8 minutes ago
Description : Delta Electronics ISPSoft version 3.20 is vulnerable to an Out-Of-Bounds Write vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 08:15:00 GMT

read more

CVE-2025-22884 - Delta Electronics ISPSoft Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-22884
Published : April 30, 2025, 8:15 a.m. | 2 hours, 8 minutes ago
Description : Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to execute arbitrary code when parsing DVP file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 08:15:00 GMT

read more

CVE-2025-3471 - "SureForms WordPress Plugin Unauthenticated Configuration Update"

CVE ID : CVE-2025-3471
Published : April 30, 2025, 6:15 a.m. | 4 hours, 8 minutes ago
Description : The SureForms WordPress plugin before 1.4.4 does not have proper authorisation check when updating its settings via the REST API, which could allow Contributor and above roles to perform such action
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 06:15:00 GMT

read more

CVE-2025-3953 - WordPress WP Statistics Unauthenticated Settings Modification Vulnerability

CVE ID : CVE-2025-3953
Published : April 30, 2025, 6:15 a.m. | 4 hours, 8 minutes ago
Description : The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary plugin settings.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 06:15:00 GMT

read more

CVE-2025-46778 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-46778
Published : April 30, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 03:15:00 GMT

read more

CVE-2025-46779 - Apache HTTP Server HTTP Header Injection

CVE ID : CVE-2025-46779
Published : April 30, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 03:15:00 GMT

read more

CVE-2025-46780 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-46780
Published : April 30, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 03:15:00 GMT

read more

CVE-2025-46781 - Apache OpenOffice Insufficient Input Validation

CVE ID : CVE-2025-46781
Published : April 30, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 03:15:00 GMT

read more

CVE-2025-46782 - Apache HTTP Server Unvalidated Request Parameter

CVE ID : CVE-2025-46782
Published : April 30, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 03:15:00 GMT

read more

CVE-2025-30202 - vLLM ZeroMQ Denial of Service and Data Exposure Vulnerability

CVE ID : CVE-2025-30202
Published : April 30, 2025, 1:15 a.m. | 9 hours, 8 minutes ago
Description : vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-node communication purposes. The primary vLLM host opens an XPUB ZeroMQ socket and binds it to ALL interfaces. While the socket is always opened for a multi-node deployment, it is only used when doing tensor parallelism across multiple hosts. Any client with network access to this host can connect to this XPUB socket unless its port is blocked by a firewall. Once connected, these arbitrary clients will receive all of the same data broadcasted to all of the secondary vLLM hosts. This data is internal vLLM state information that is not useful to an attacker. By potentially connecting to this socket many times and not reading data published to them, an attacker can also cause a denial of service by slowing down or potentially blocking the publisher. This issue has been patched in version 0.8.5.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 01:15:00 GMT

read more

CVE-2025-32444 - "vLLM Mooncake ZeroMQ Remote Code Execution"

CVE ID : CVE-2025-32444
Published : April 30, 2025, 1:15 a.m. | 9 hours, 8 minutes ago
Description : vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the likelihood that an attacker is able to reach the vulnerable ZeroMQ sockets to carry out an attack. vLLM instances that do not make use of the mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 01:15:00 GMT

read more

CVE-2025-46560 - LLaMA LLM Multimodal Tokenizer Resource Exhaustion

CVE ID : CVE-2025-46560
Published : April 30, 2025, 1:15 a.m. | 9 hours, 8 minutes ago
Description : vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.8.0 and prior to 0.8.5 are affected by a critical performance vulnerability in the input preprocessing logic of the multimodal tokenizer. The code dynamically replaces placeholder tokens (e.g., <|audio_|>, <|image_|>) with repeated tokens based on precomputed lengths. Due to ​​inefficient list concatenation operations​​, the algorithm exhibits ​​quadratic time complexity (O(n²))​​, allowing malicious actors to trigger resource exhaustion via specially crafted inputs. This issue has been patched in version 0.8.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 30 Apr 2025 01:15:00 GMT

read more

CVE-2025-29906 - Finit TTY Authentication Bypass Vulnerability

CVE ID : CVE-2025-29906
Published : April 29, 2025, 11:16 p.m. | 11 hours, 8 minutes ago
Description : Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.11.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 23:16:00 GMT

read more

CVE-2025-3358 - CVE-2022-36337Oracle WebLogic Server Cross-Site Scripting

CVE ID : CVE-2025-3358
Published : April 29, 2025, 11:16 p.m. | 11 hours, 8 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 23:16:00 GMT

read more

CVE-2025-46552 - GitHub KHC-INVITATION-AUTOMATION Unauthenticated User Data Disclosure

CVE ID : CVE-2025-46552
Published : April 29, 2025, 11:16 p.m. | 11 hours, 8 minutes ago
Description : KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses without proper access controls. This allowed unauthorized users to access sensitive user information by directly calling specific endpoints. This issue has been patched in a later commit on version 1.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 23:16:00 GMT

read more

CVE-2023-4377 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2023-4377
Published : April 29, 2025, 11:15 p.m. | 11 hours, 8 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 23:15:00 GMT

read more

CVE-2025-3910 - Keycloak Authorization Bypass Vulnerability

CVE ID : CVE-2025-3910
Published : April 29, 2025, 9:15 p.m. | 13 hours, 8 minutes ago
Description : A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-46344 - Auth0 Next.js SDK: JWE Token Expiration Claim Omission

CVE ID : CVE-2025-46344
Published : April 29, 2025, 9:15 p.m. | 13 hours, 8 minutes ago
Description : The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While the session cookie may expire or be cleared, the JWE remains valid. This issue has been patched in version 4.5.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-46348 - YesWiki Unauthenticated Archive Creation and Download Vulnerability

CVE ID : CVE-2025-46348
Published : April 29, 2025, 9:15 p.m. | 13 hours, 8 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-46549 - YesWiki Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46549
Published : April 29, 2025, 9:15 p.m. | 13 hours, 8 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-46550 - YesWiki Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46550
Published : April 29, 2025, 9:15 p.m. | 13 hours, 8 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the `/?BazaR` endpoint and `idformulaire` parameter are vulnerable to cross-site scripting. An attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-3501 - Keycloak Certificate Verification Bypass

CVE ID : CVE-2025-3501
Published : April 29, 2025, 9:15 p.m. | 11 hours, 17 minutes ago
Description : A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 21:15:00 GMT

read more

CVE-2025-4078 - Wangshen SecGate 3600 2400 File Path Traversal Vulnerability

CVE ID : CVE-2025-4078
Published : April 29, 2025, 8:15 p.m. | 12 hours, 17 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file ?g=log_export_file. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 20:15:00 GMT

read more

CVE-2025-4080 - "PHPGurukul Online Nurse Hiring System SQL Injection Vulnerability"

CVE ID : CVE-2025-4080
Published : April 29, 2025, 8:15 p.m. | 12 hours, 17 minutes ago
Description : A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/view-request.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 20:15:00 GMT

read more

CVE-2024-57698 - Modernwms Information Disclosure Vulnerability

CVE ID : CVE-2024-57698
Published : April 29, 2025, 8:15 p.m. | 10 hours, 17 minutes ago
Description : An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 20:15:00 GMT

read more

CVE-2025-0520 - ShowDoc Unrestricted File Upload RCE

CVE ID : CVE-2025-0520
Published : April 29, 2025, 8:15 p.m. | 10 hours, 17 minutes ago
Description : An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 20:15:00 GMT

read more

CVE-2025-4079 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-4079
Published : April 29, 2025, 7:15 p.m. | 11 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, was found in PCMan FTP Server up to 2.0.7. Affected is an unknown function of the component RENAME Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 19:15:00 GMT

read more

CVE-2025-4077 - Code-projects School Billing System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4077
Published : April 29, 2025, 6:15 p.m. | 10 hours, 16 minutes ago
Description : A vulnerability classified as critical was found in code-projects School Billing System 1.0. This vulnerability affects the function searchrec. The manipulation of the argument Name leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-4095 - Docker Desktop MacOS Registry Access Bypass Vulnerability

CVE ID : CVE-2025-4095
Published : April 29, 2025, 6:15 p.m. | 10 hours, 16 minutes ago
Description : Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop users to pull down unapproved, and potentially malicious images from any registry.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-46349 - YesWiki Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46349
Published : April 29, 2025, 6:15 p.m. | 8 hours, 15 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been patched in version 4.5.4.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-46350 - YesWiki Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46350
Published : April 29, 2025, 6:15 p.m. | 8 hours, 15 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by having them click on a malicious link. Stolen cookies allow the attacker to take over the user’s session. This vulnerability may also allow attackers to deface the website or embed malicious content. This issue has been patched in version 4.5.4.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-4074 - PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4074
Published : April 29, 2025, 6:15 p.m. | 8 hours, 15 minutes ago
Description : A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/pass-bwdates-report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-4075 - VMSMan Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4075
Published : April 29, 2025, 6:15 p.m. | 8 hours, 15 minutes ago
Description : A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input "> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-4076 - LB-LINK BL-AC3600 Password Handler Command Injection Vulnerability

CVE ID : CVE-2025-4076
Published : April 29, 2025, 6:15 p.m. | 8 hours, 15 minutes ago
Description : A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easy_uci_set_option_string_0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-3911 - Docker Desktop Environment Variable Disclosure

CVE ID : CVE-2025-3911
Published : April 29, 2025, 6:15 p.m. | 6 hours, 8 minutes ago
Description : Recording of environment variables, configured for running containers, in Docker Desktop application logs could lead to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain sensitive credentials information and further use it to gain unauthorized access to other systems. Starting with version 4.41.0, Docker Desktop no longer logs environment variables set by the user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-46347 - YesWiki Remote Code Execution Vulnerability

CVE ID : CVE-2025-46347
Published : April 29, 2025, 6:15 p.m. | 6 hours, 8 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki vulnerable to remote code execution. An arbitrary file write can be used to write a file with a PHP extension, which then can be browsed to in order to execute arbitrary code on the server, resulting in a full compromise of the server. This could potentially be performed unwittingly by a user. This issue has been patched in version 4.5.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 18:15:00 GMT

read more

CVE-2025-4073 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-4073
Published : April 29, 2025, 5:15 p.m. | 7 hours, 8 minutes ago
Description : A vulnerability was found in PHPGurukul Student Record System 3.20. It has been classified as critical. Affected is an unknown function of the file /change-password.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-0716 - AngularJS SVG Image Content Spoofing

CVE ID : CVE-2025-0716
Published : April 29, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing  and also negatively affect the application's performance and behavior by using too large or slow-to-load images. This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-23180 - Apache HTTP Server Unprivileged Process Execution

CVE ID : CVE-2025-23180
Published : April 29, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : CWE-250: Execution with Unnecessary Privileges
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-23181 - Apache Tomcat Unprivileged Command Execution Vulnerability

CVE ID : CVE-2025-23181
Published : April 29, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : CWE-250: Execution with Unnecessary Privileges
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-45956 - Sourcecodester Computer Laboratory Management System SQL Injection

CVE ID : CVE-2025-45956
Published : April 29, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-4072 - PHPGurukul Online Nurse Hiring System SQL Injection Vulnerability

CVE ID : CVE-2025-4072
Published : April 29, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit-nurse.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 17:15:00 GMT

read more

CVE-2025-40616 - Bookgy Reflected XSS

CVE ID : CVE-2025-40616
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the "IDRESERVA" parameter in /bkg_imprimir_comprobante.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-40617 - Bookgy SQL Injection Vulnerability

CVE ID : CVE-2025-40617
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the "IDTIPO", "IDPISTA" and "IDSOCIO" parameters in /bkg_seleccionar_hora_ajax.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-40618 - Bookgy SQL Injection Vulnerability

CVE ID : CVE-2025-40618
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request through the "IDRESERVA"  parameter in /bkg_imprimir_comprobante.php
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-40619 - Bookgy Authentication Bypass

CVE ID : CVE-2025-40619
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : Bookgy does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to reach private areas and/or areas intended for other roles.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-46346 - YesWiki Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46346
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a stored cross-site scripting (XSS) vulnerability was discovered in the application’s comments feature. This issue allows a malicious actor to inject JavaScript payloads that are stored and later executed in the browser of any user viewing the affected comment. The XSS occurs because the application fails to properly sanitize or encode user input submitted to the comments. Notably, the application sanitizes or does not allow execution of `` tags, but does not account for payloads obfuscated using JavaScript block comments like `/* JavaScriptPayload */`. This issue has been patched in version 4.5.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-4068 - Code-projects Simple Movie Ticket Booking System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4068
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-4069 - Code-projects Product Management System Stack-Based Buffer Overflow

CVE ID : CVE-2025-4069
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-4070 - PHPGurukul Rail Pass Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4070
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-4071 - PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4071
Published : April 29, 2025, 4:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-40615 - Bookgy Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40615
Published : April 29, 2025, 4:15 p.m. | 2 hours, 44 minutes ago
Description : Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the "TEXTO" parameter in /api/api_ajustes.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 16:15:00 GMT

read more

CVE-2025-4065 - ScriptAndTools Online-Travling-System Remote Improper Access Control Vulnerability

CVE ID : CVE-2025-4065
Published : April 29, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 15:15:00 GMT

read more

CVE-2025-4066 - ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

CVE ID : CVE-2025-4066
Published : April 29, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 15:15:00 GMT

read more

CVE-2025-4067 - ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

CVE ID : CVE-2025-4067
Published : April 29, 2025, 3:15 p.m. | 1 hour, 13 minutes ago
Description : A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 15:15:00 GMT

read more

CVE-2025-2817 - Mozilla Firefox System File Privilege Escalation

CVE ID : CVE-2025-2817
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-3301 - Marvell Series 2 DPA Vulnerability: ECDH and EdDSA Countermeasures Missing

CVE ID : CVE-2025-3301
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4062 - Apache Code-Projects Theater Seat Booking System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4062
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability has been found in code-projects Theater Seat Booking System 1.0 and classified as critical. Affected by this vulnerability is the function cancel. The manipulation of the argument cancelcustomername leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4063 - Code-projects Student Information Management System Buffer Overflow

CVE ID : CVE-2025-4063
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument first_name/last_name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4064 - ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

CVE ID : CVE-2025-4064
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/viewenquiry.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4082 - Mozilla Firefox WebGL Out-of-Bounds Read RCE

CVE ID : CVE-2025-4082
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4083 - Firefox JavaScript URI Isolation Bypass

CVE ID : CVE-2025-4083
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4084 - "Firefox/Thunderbird Escaping Vulnerability (Local Code Execution)"

CVE ID : CVE-2025-4084
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4085 - Firefox UITour Actor Privilege Escalation

CVE ID : CVE-2025-4085
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4086 - Mozilla Firefox and Thunderbird File Extension Disclosure Vulnerability

CVE ID : CVE-2025-4086
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4087 - "Firefox XPath Parsing Memory Corruption Vulnerability"

CVE ID : CVE-2025-4087
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4088 - "Firefox Storage Access API Cross-Site Request Forgery Vulnerability"

CVE ID : CVE-2025-4088
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A security vulnerability in Firefox allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4089 - Mozilla Firefox/Thunderbird Command Injection Vulnerability

CVE ID : CVE-2025-4089
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4090 - "Mozilla Firefox Android and Thunderbird Information Disclosure"

CVE ID : CVE-2025-4090
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4091 - Mozilla Firefox and Thunderbird Memory Corruption Vulnerability

CVE ID : CVE-2025-4091
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4092 - Firefox Memory Corruption Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-4092
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4093 - "Firefox ESR and Thunderbird Memory Corruption Vulnerability"

CVE ID : CVE-2025-4093
Published : April 29, 2025, 2:15 p.m. | 2 hours, 14 minutes ago
Description : Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird ESR < 128.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 14:15:00 GMT

read more

CVE-2025-4035 - Libsoup Cookie Domain Bypass Vulnerability

CVE ID : CVE-2025-4035
Published : April 29, 2025, 1:15 p.m. | 3 hours, 13 minutes ago
Description : A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 13:15:00 GMT

read more

CVE-2025-4060 - PHPGurukul Notice Board System SQL Injection Vulnerability

CVE ID : CVE-2025-4060
Published : April 29, 2025, 1:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 13:15:00 GMT

read more

CVE-2025-4061 - Code-projects Clothing Store Management System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4061
Published : April 29, 2025, 1:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 13:15:00 GMT

read more

CVE-2025-4058 - Projectworlds Online Examination System SQL Injection Vulnerability

CVE ID : CVE-2025-4058
Published : April 29, 2025, 12:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 12:15:00 GMT

read more

CVE-2025-4059 - Code-projects Prison Management System Stack-Based Buffer Overflow

CVE ID : CVE-2025-4059
Published : April 29, 2025, 12:15 p.m. | 4 hours, 14 minutes ago
Description : A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 12:15:00 GMT

read more

CVE-2025-3452 - SecuPress Free WordPress Security Plugin Unauthorized Plugin Installation Vulnerability

CVE ID : CVE-2025-3452
Published : April 29, 2025, 9:15 a.m. | 3 hours, 13 minutes ago
Description : The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'secupress_reinstall_plugins_admin_ajax_cb' function in all versions up to, and including, 2.3.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 09:15:00 GMT

read more

CVE-2025-2893 - WordPress Gutenverse Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-2893
Published : April 29, 2025, 7:15 a.m. | 5 hours, 12 minutes ago
Description : The Gutenverse – Ultimate Block Addons and Page Builder for Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's countdown Block in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 07:15:00 GMT

read more

CVE-2024-12273 - CalculatedRoute Form WordPress Stored Cross-Site Scripting

CVE ID : CVE-2024-12273
Published : April 29, 2025, 6:15 a.m. | 6 hours, 12 minutes ago
Description : The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 06:15:00 GMT

read more

CVE-2025-46329 - Snowflake libsnowflakeclient Sensitive Information Logging

CVE ID : CVE-2025-46329
Published : April 29, 2025, 5:15 a.m. | 7 hours, 12 minutes ago
Description : libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not grant access to any sensitive data without additional access authorizations, and is not logged server-side by Snowflake. This issue has been patched in version 2.2.0.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 05:15:00 GMT

read more

CVE-2025-46330 - Snowflake libsnowflakeclient HTTP Request Retry Denial of Service

CVE ID : CVE-2025-46330
Published : April 29, 2025, 5:15 a.m. | 7 hours, 12 minutes ago
Description : libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the application until SF_CON_MAX_RETRY requests were sent. This issue has been patched in version 2.2.0.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 05:15:00 GMT

read more

CVE-2025-46338 - Audiobookshelf Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46338
Published : April 29, 2025, 5:15 a.m. | 7 hours, 12 minutes ago
Description : Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the `/api/upload` endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the `libraryId` field. The unsanitized input is reflected in the server’s error message, enabling arbitrary JavaScript execution in a victim's browser. This issue has been patched in version 2.21.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 05:15:00 GMT

read more

CVE-2025-46343 - n8n Stored XSS Vulnerability

CVE ID : CVE-2025-46343
Published : April 29, 2025, 5:15 a.m. | 7 hours, 12 minutes ago
Description : n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME type of uploaded files, and the MIME type could be controlled via a GET parameter. This allows the server to respond with any MIME type, potentially enabling malicious content to be interpreted and executed by the browser. An authenticated attacker with member-level permissions could exploit this by uploading a crafted HTML file containing malicious JavaScript. When another user visits the binary data endpoint with the MIME type set to text/html, the script executes in the context of the user’s session. This script could send a request to change the user’s email address in their account settings, effectively enabling account takeover. This issue has been patched in version 1.90.0.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 05:15:00 GMT

read more

CVE-2025-24206 - Apple Local Network Authentication Bypass

CVE ID : CVE-2025-24206
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-24251 - Apple Local Network App Termination Vulnerability

CVE ID : CVE-2025-24251
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-24252 - Apple macOS Use-After-Free Vulnerability

CVE ID : CVE-2025-24252
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-24270 - Apple macOS Network Information Leakage Vulnerability

CVE ID : CVE-2025-24270
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-24271 - Apple AirPlay Unauthenticated Access Vulnerability

CVE ID : CVE-2025-24271
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-30445 - Apple Type Confusion Vulnerability

CVE ID : CVE-2025-30445
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-31197 - Apple macOS and iOS Local Network App Termination Vulnerability

CVE ID : CVE-2025-31197
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-31202 - Apple iOS/ iPadOS/ macOS/ tvOS/ visionOS Denial-of-Service Null Pointer Dereference

CVE ID : CVE-2025-31202
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to cause a denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-31203 - Apple macOS Sequoia Denial-of-Service Vulnerability

CVE ID : CVE-2025-31203
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may be able to cause a denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46753 - Cisco Webex Meeting Server Authentication Bypass

CVE ID : CVE-2025-46753
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46754 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-46754
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46755 - Apache HTTP Server SQL Injection

CVE ID : CVE-2025-46755
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46756 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-46756
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46757 - Adobe Acrobat Deserialization

CVE ID : CVE-2025-46757
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46758 - Apache HTTP Server Arbitrary File Disclosure

CVE ID : CVE-2025-46758
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46759 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-46759
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46760 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-46760
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46761 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-46761
Published : April 29, 2025, 3:15 a.m. | 9 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-24179 - "Apple iOS and macOS Null Pointer Dereference Denial-of-Service Vulnerability"

CVE ID : CVE-2025-24179
Published : April 29, 2025, 3:15 a.m. | 5 hours, 3 minutes ago
Description : A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, visionOS 2.3, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Sequoia 15.3, tvOS 18.3. An attacker on the local network may be able to cause a denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2018-13372 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2018-13372
Published : April 29, 2025, 3:15 a.m. | 3 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2017-7740 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2017-7740
Published : April 29, 2025, 3:15 a.m. | 2 hours, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 29 Apr 2025 03:15:00 GMT

read more

CVE-2025-46326 - Snowflake-Connector-Net TOCTOU Race Condition Vulnerability

CVE ID : CVE-2025-46326
Published : April 28, 2025, 11:15 p.m. | 3 hours, 10 minutes ago
Description : snowflake-connector-net is the Snowflake Connector for .NET. Versions starting from 2.1.2 to before 4.4.1, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Connector reads logging configuration from a user-provided file. On Linux and macOS, the Connector verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Connector. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 4.4.1.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 23:15:00 GMT

read more

CVE-2025-46327 - Snowflake Golang Driver Local File Configuration TOCTOU

CVE ID : CVE-2025-46327
Published : April 28, 2025, 11:15 p.m. | 3 hours, 10 minutes ago
Description : gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 1.13.3.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 23:15:00 GMT

read more

CVE-2025-46328 - Snowflake-Connector-Nodejs TOCTOU Race Condition Local File Write Vulnerability

CVE ID : CVE-2025-46328
Published : April 28, 2025, 11:15 p.m. | 3 hours, 10 minutes ago
Description : snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 2.0.4.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 23:15:00 GMT

read more

CVE-2025-4039 - PHPGurukul Rail Pass Management System SQL Injection

CVE ID : CVE-2025-4039
Published : April 28, 2025, 10:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 22:15:00 GMT

read more

CVE-2024-10635 - Enterprise Protection S/MIME Attachment Defense Improper Input Validation

CVE ID : CVE-2024-10635
Published : April 28, 2025, 9:15 p.m. | 5 hours, 10 minutes ago
Description : Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 21:15:00 GMT

read more

CVE-2024-11922 - Fortra GoAnywhere Email Injection Vulnerability

CVE ID : CVE-2024-11922
Published : April 28, 2025, 9:15 p.m. | 5 hours, 10 minutes ago
Description : Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to version 7.8.0 allows an attacker with permission to trigger emails to insert arbitrary HTML or JavaScript into an email.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 21:15:00 GMT

read more

CVE-2025-0049 - GoAnywhere Directory Traversal Information Disclosure

CVE ID : CVE-2025-0049
Published : April 28, 2025, 9:15 p.m. | 5 hours, 10 minutes ago
Description : When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 21:15:00 GMT

read more

CVE-2025-4037 - Code-Projects ATM Banking Business Logic Error

CVE ID : CVE-2025-4037
Published : April 28, 2025, 9:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability was found in code-projects ATM Banking 1.0. It has been classified as critical. Affected is the function moneyDeposit/moneyWithdraw. The manipulation leads to business logic errors. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 21:15:00 GMT

read more

CVE-2025-4038 - Code-projects Train Ticket Reservation System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4038
Published : April 28, 2025, 9:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 21:15:00 GMT

read more

CVE-2025-31650 - Apache Tomcat HTTP Priority Header Memory Leak DoS

CVE ID : CVE-2025-31650
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-31651 - Apache Tomcat Improper Neutralization of Escape, Meta, or Control Sequences

CVE ID : CVE-2025-31651
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-34491 - GFI MailEssentials .NET Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-34491
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-3224 - Docker Desktop for Windows Elevation of Privilege Vulnerability

CVE ID : CVE-2025-3224
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\ProgramData\Docker\config with high privileges. However, this directory often does not exist by default, and C:\ProgramData\ allows normal users to create new directories. By creating a malicious Docker\config folder structure at this location, an attacker can force the privileged update process to delete or manipulate arbitrary system files, leading to Elevation of Privilege.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-45947 - PhpGurukul Online Banquet Booking System Remote Code Execution Vulnerability

CVE ID : CVE-2025-45947
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-45949 - PHPGurukul User Registration Login and User Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-45949
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-45953 - PHPGurukul Hostel Management System Session Hijacking

CVE ID : CVE-2025-45953
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-4034 - Projectworlds Online Examination System SQL Injection Vulnerability

CVE ID : CVE-2025-4034
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-4036 - Apache Novel Remote Code Execution via Improper Access Control

CVE ID : CVE-2025-4036
Published : April 28, 2025, 8:15 p.m. | 6 hours, 11 minutes ago
Description : A vulnerability was found in 201206030 Novel 3.5.0 and classified as critical. This issue affects the function updateBookChapter of the file src/main/java/io/github/xxyopen/novel/controller/author/AuthorController.java of the component Chapter Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 20:15:00 GMT

read more

CVE-2025-34489 - GFI MailEssentials Remote Code Execution Vulnerability

CVE ID : CVE-2025-34489
Published : April 28, 2025, 7:15 p.m. | 7 hours, 10 minutes ago
Description : GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 19:15:00 GMT

read more

CVE-2025-34490 - GFI MailEssentials XXE Vulnerability

CVE ID : CVE-2025-34490
Published : April 28, 2025, 7:15 p.m. | 7 hours, 10 minutes ago
Description : GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 19:15:00 GMT

read more

CVE-2025-4032 - InclusionAI AWorld Os Command Injection Vulnerability

CVE ID : CVE-2025-4032
Published : April 28, 2025, 7:15 p.m. | 7 hours, 10 minutes ago
Description : A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtual_environments/terminals/shell_tool.py. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 19:15:00 GMT

read more

CVE-2025-4033 - PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4033
Published : April 28, 2025, 7:15 p.m. | 7 hours, 10 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. Affected is an unknown function of the file /patient-search-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 19:15:00 GMT

read more

CVE-2024-12706 - OpenText Digital Asset Management SQL Injection

CVE ID : CVE-2024-12706
Published : April 28, 2025, 6:15 p.m. | 8 hours, 10 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. This issue affects Digital Asset Management.: through 24.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 18:15:00 GMT

read more

CVE-2025-4030 - "PHPGurukul COVID19 Testing Management System SQL Injection"

CVE ID : CVE-2025-4030
Published : April 28, 2025, 6:15 p.m. | 8 hours, 10 minutes ago
Description : A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been classified as critical. This affects an unknown part of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 18:15:00 GMT

read more

CVE-2025-4031 - PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-4031
Published : April 28, 2025, 6:15 p.m. | 8 hours, 10 minutes ago
Description : A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 18:15:00 GMT

read more

CVE-2023-42404 - OneVision Workspace Java EL Injection

CVE ID : CVE-2023-42404
Published : April 28, 2025, 5:15 p.m. | 4 hours, 48 minutes ago
Description : OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 17:15:00 GMT

read more

CVE-2024-32499 - Newforma Project Center Server Remote Code Execution Vulnerability

CVE ID : CVE-2024-32499
Published : April 28, 2025, 5:15 p.m. | 4 hours, 48 minutes ago
Description : Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 17:15:00 GMT

read more

CVE-2025-4028 - PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4028
Published : April 28, 2025, 5:15 p.m. | 4 hours, 48 minutes ago
Description : A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 17:15:00 GMT

read more

CVE-2025-4029 - Apache Code-projects Personal Diary Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4029
Published : April 28, 2025, 5:15 p.m. | 4 hours, 48 minutes ago
Description : A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 17:15:00 GMT

read more

CVE-2015-4582 - TheCartPress Boot Store WordPress Header PHP TCP Register Error XSS

CVE ID : CVE-2015-4582
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : The TheCartPress boot-store (aka Boot Store) theme 1.6.4 for WordPress allows header.php tcp_register_error XSS. NOTE: CVE-2015-4582 is not assigned to any Oracle product.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2022-41871 - SEPPmail Root Command Injection Vulnerability

CVE ID : CVE-2022-41871
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2023-35814 - DevExpress ASP.NET XtraReport Data Serialization Deserialization Vulnerability

CVE ID : CVE-2023-35814
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2023-35815 - DevExpress XML Deserialization Data-Sourcing Protection Bypass

CVE ID : CVE-2023-35815
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on XML data.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2023-35816 - DevExpress TypeConverter Remote Code Execution Vulnerability

CVE ID : CVE-2023-35816
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2023-35817 - DevExpress AsyncDownloader SSRF

CVE ID : CVE-2023-35817
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : DevExpress before 23.1.3 allows AsyncDownloader SSRF.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2025-43854 - DIFY Clickjacking Vulnerability

CVE ID : CVE-2025-43854
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : DIFY is an open-source LLM app development platform. Prior to version 1.3.0, a clickjacking vulnerability was found in the default setup of the DIFY application, allowing malicious actors to trick users into clicking on elements of the web page without their knowledge or consent. This can lead to unauthorized actions being performed, potentially compromising the security and privacy of users. This issue has been fixed in version 1.3.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2025-43857 - Net::IMAP Denial of Service Memory Exhaustion Vulnerability

CVE ID : CVE-2025-43857
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2025-46614 - Snowflake ODBC Driver Information Disclosure

CVE ID : CVE-2025-46614
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2025-4026 - PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4026
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2025-4027 - PHPGurukul Old Age Home Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4027
Published : April 28, 2025, 4:15 p.m. | 2 hours, 26 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/rules.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 16:15:00 GMT

read more

CVE-2015-2079 - Usermin File Open Vulnerability

CVE ID : CVE-2015-2079
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form of Perl open.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-23375 - Dell PowerProtect Data Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-23375
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-23376 - Dell PowerProtect Data Manager Template Engine Template Injection Vulnerability

CVE ID : CVE-2025-23376
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-23377 - Dell PowerProtect Data Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-23377
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to inject arbitrary web script or html in reporting outputs.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-25776 - Codeastro Bus Ticket Booking System XSS

CVE ID : CVE-2025-25776
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows an attacker to execute arbitrary code into the Full Name and Address fields during user registration or profile editing.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-4024 - iSourcecode Placement Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4024
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /add_drive.php. The manipulation of the argument drive_title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-4025 - iSourcecode Placement Management System SQL Injection

CVE ID : CVE-2025-4025
Published : April 28, 2025, 3:15 p.m. | 3 hours, 26 minutes ago
Description : A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 15:15:00 GMT

read more

CVE-2025-4022 - Web-Arena-X Web Content Injection Vulnerability

CVE ID : CVE-2025-4022
Published : April 28, 2025, 2:15 p.m. | 4 hours, 9 minutes ago
Description : A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical. This vulnerability affects the function HTMLContentEvaluator of the file webarena/evaluation_harness/evaluators.py. The manipulation of the argument target["url"] leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 14:15:00 GMT

read more

CVE-2025-4023 - iSourcecode Placement Management System SQL Injection

CVE ID : CVE-2025-4023
Published : April 28, 2025, 2:15 p.m. | 4 hours, 9 minutes ago
Description : A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add_company.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 14:15:00 GMT

read more

Le France Cybersecurity challenge s'achève

Le France Cybersecurity challenge s'achève

anssiadm
L’édition 2025 du France Cybersecurity challenge (FCSC) qui a débuté le 18 avril s’est achevée ce dimanche 27 avril, après 10 jours de compétition et une participation record.

Plus de 2000 hackers réunis pour relever le défi

Le FCSC 2025 a réuni plus de 2000 hackers éthiques qui se sont affrontés à travers une centaine d'épreuves spécialement élaborées par les experts de l'ANSSI.

Grande nouveauté cette année avec l’introduction pour la première fois d’épreuves de rapidité (« speedrun »), une journée entière pour tester la créativité et l'expertise des participants sur de tout nouveaux challenges.

Retrouvez le classement complet de cette édition 2025 sur FCSC 2025.

En route vers l’European Cybersecurity challenge (ECSC)

Pour rappel, la compétition fait également office de point de départ pour les 14 joueurs de 14 à 25 ans (10 titulaires et 4 remplaçants) qui seront prochainement sélectionnés pour représenter la France lors de l’European Cybersecurity Challenge (ECSC).

En plus de leurs résultats respectifs lors du FCSC, ces joueurs seront recrutés via un système d’entretiens par les coachs de l’ANSSI pour leurs expertises, leur talent, leurs qualités humaines et leur sens du collectif. Cette année, la Team France se rendra à Varsovie, du 6 au 10 octobre 2025.

Mon, 28 Apr 2025 13:43:00 GMT

read more

CVE-2025-4021 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4021
Published : April 28, 2025, 1:15 p.m. | 5 hours, 9 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit_spatient.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 13:15:00 GMT

read more

CVE-2025-32472 - HPE MultiScan and picoScan Slowloris Denial-of-Service Vulnerability

CVE ID : CVE-2025-32472
Published : April 28, 2025, 1:15 p.m. | 3 hours, 9 minutes ago
Description : The multiScan and picoScan are vulnerable to a denial-of-service (DoS) attack. A remote attacker can exploit this vulnerability by conducting a Slowloris-type attack, causing the web page to become unresponsive.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 13:15:00 GMT

read more

CVE-2025-46661 - IPW Systems Metazo Server-Side Template-Injection Vulnerability

CVE ID : CVE-2025-46661
Published : April 28, 2025, 1:15 p.m. | 3 hours, 9 minutes ago
Description : IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection. All instances have been patched by the Supplier.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 13:15:00 GMT

read more

CVE-2025-4020 - PHPGurukul Old Age Home Management System SQL Injection

CVE ID : CVE-2025-4020
Published : April 28, 2025, 1:15 p.m. | 3 hours, 9 minutes ago
Description : A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 13:15:00 GMT

read more

CVE-2025-4018 - Novel-Plus Remote Authentication Bypass

CVE ID : CVE-2025-4018
Published : April 28, 2025, 12:15 p.m. | 4 hours, 9 minutes ago
Description : A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to missing authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 12:15:00 GMT

read more

CVE-2025-4019 - Apache Novel-Plus Missing Authentication Vulnerability

CVE ID : CVE-2025-4019
Published : April 28, 2025, 12:15 p.m. | 4 hours, 9 minutes ago
Description : A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 12:15:00 GMT

read more

CVE-2025-4016 - Novel-Plus LogController Java Remote Authorization Bypass

CVE ID : CVE-2025-4016
Published : April 28, 2025, 11:15 a.m. | 5 hours, 8 minutes ago
Description : A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 11:15:00 GMT

read more

CVE-2025-4017 - Novel-Plus LogController Java Unauthenticated Remote Authorization Bypass

CVE ID : CVE-2025-4017
Published : April 28, 2025, 11:15 a.m. | 5 hours, 8 minutes ago
Description : A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 11:15:00 GMT

read more

CVE-2025-3200 - "Com-Server TLS Protocol Downgrade Vulnerability"

CVE ID : CVE-2025-3200
Published : April 28, 2025, 10:15 a.m. | 6 hours, 9 minutes ago
Description : An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 10:15:00 GMT

read more

CVE-2025-4014 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4014
Published : April 28, 2025, 10:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 10:15:00 GMT

read more

CVE-2025-4015 - Novel-Plus SessionController Missing Authentication Remote Vulnerability

CVE ID : CVE-2025-4015
Published : April 28, 2025, 10:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 10:15:00 GMT

read more

Bilan du volet cybersécurité de France Relance : un défi réussi

Bilan du volet cybersécurité de France Relance : un défi réussi

anssiadm
Le dernier rapport d’activité du volet cybersécurité de France Relance présente les travaux entrepris par l’ANSSI sur 2024, année de clôture du programme sur le plan financier. Ce dernier volet illustre les actions menées par l’Agence durant 4 ans qui ont permis d’améliorer significativement l’accompagnement des entités vers une meilleure cybersécurité.

Avec 100 millions d’euros, le programme des parcours de cybersécurité a constitué un investissement sans précédent pour répondre à une menace devenue systémique, touchant des entités critiques au cœur des territoires.

Les « parcours de cybersécurité » avaient pour objectif d’élever la sécurité numérique des services publics, de dynamiser l’industrie de cybersécurité française et européenne et de favoriser des investissements durables au service de la cybersécurité des organisations.

Pendant 4 ans, l’ANSSI a conçu, déployé et piloté un dispositif d’accompagnement au profit des collectivités, des établissements de santé et des entités publiques. Ainsi, 945 entités parmi les plus vulnérables à la menace cyber ont pu bénéficier de cet accompagnement, dont :

  • 707 collectivités territoriales,
  • 134 établissements de santé,
  • 87 autres établissements publics,
  • 17 centres de recherche et d’enseignement supérieur,

Parmi celles-ci, 62 entités ont été accompagnées dans les territoires d’Outre-mer.

Les parcours ont permis d’élever le niveau de cyberdéfense des bénéficiaires de manière significative : en moyenne, les bénéficiaires sont passés d’un score de maturité cyber de D+ à B, soulignant un progrès conséquent. Grâce aux parcours, les entités ont réussi à s’intégrer dans l’écosystème cyber de leur territoire et de leur secteur, en lien avec l’ANSSI, et sont ainsi solidement ancrées dans une démarche de sécurisation à long terme.

Au-delà des bénéfices pour les entités accompagnées, les parcours de cybersécurité laissent un héritage exploitable dans la durée, notamment dans la perspective de la mise en œuvre de la directive NIS 2 avec la mise à disposition d’outils et de méthodes adaptés aux besoins de chaque bénéficiaire.

Le programme a permis de dynamiser l’offre industrielle de cybersécurité dans les territoires et de renforcer l’offre française et européenne de cybersécurité :

  • 197 prestataires présents sur l’ensemble du territoire national ont été impliqués.
  • 40 millions d’euros ont été dédiés à l’acquisition de produits de cybersécurité français et européens (dont 33 millions d’euros pour des produits français).

Les parcours de cybersécurité sont un succès, avec des effets tangibles et durables pour les bénéficiaires. Ils font partie d'un programme plus large de soutien à la transformation numérique et à la résilience des systèmes d'information, dans un contexte où les cybermenaces se multiplient.

Mon, 28 Apr 2025 10:10:00 GMT

read more

CVE-2025-39367 - SeventhQueen Kleo Missing Authorization Vulnerability

CVE ID : CVE-2025-39367
Published : April 28, 2025, 9:15 a.m. | 7 hours, 9 minutes ago
Description : Missing Authorization vulnerability in SeventhQueen Kleo.This issue affects Kleo: from n/a before 5.4.4.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-42598 - Seiko Epson Printer DLL Hijacking Vulnerability

CVE ID : CVE-2025-42598
Published : April 28, 2025, 9:15 a.m. | 7 hours, 9 minutes ago
Description : Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary code with SYSTEM privilege on a Windows system on which the printer driver is installed.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-4011 - Redmine Custom Query Handler Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4011
Published : April 28, 2025, 9:15 a.m. | 7 hours, 9 minutes ago
Description : A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.0.4 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-4012 - Playeduxyz PlayEdu SSRF Vulnerability

CVE ID : CVE-2025-4012
Published : April 28, 2025, 9:15 a.m. | 7 hours, 9 minutes ago
Description : A vulnerability was found in playeduxyz PlayEdu 开源培训系统 up to 1.8 and classified as problematic. This issue affects some unknown processing of the file /api/backend/v1/user/create of the component User Avatar Handler. The manipulation of the argument Avatar leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-4013 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4013
Published : April 28, 2025, 9:15 a.m. | 7 hours, 9 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-32470 - Apache HTTP Server DNS Spoofing

CVE ID : CVE-2025-32470
Published : April 28, 2025, 9:15 a.m. | 5 hours, 26 minutes ago
Description : A remote unauthenticated attacker may be able to change the IP adress of the device, and therefore affecting the availability of the device.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-32471 - Cisco ASA Unsalted Password Vulnerability

CVE ID : CVE-2025-32471
Published : April 28, 2025, 9:15 a.m. | 5 hours, 26 minutes ago
Description : The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 09:15:00 GMT

read more

CVE-2025-22235 - Spring Security Endpoint Request Denial of Service (DoS)

CVE ID : CVE-2025-22235
Published : April 28, 2025, 8:15 a.m. | 6 hours, 26 minutes ago
Description : EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 08:15:00 GMT

read more

CVE-2025-4007 - Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-4007
Published : April 28, 2025, 8:15 a.m. | 6 hours, 26 minutes ago
Description : A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 08:15:00 GMT

read more

CVE-2025-4005 - PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4005
Published : April 28, 2025, 7:15 a.m. | 7 hours, 26 minutes ago
Description : A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 07:15:00 GMT

read more

CVE-2025-4006 - Youyiio BeyongCms Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-4006
Published : April 28, 2025, 7:15 a.m. | 7 hours, 26 minutes ago
Description : A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an unknown function of the file /admin/theme/Upload.html of the component Document Management Page. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 07:15:00 GMT

read more

CVE-2025-4004 - PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-4004
Published : April 28, 2025, 6:15 a.m. | 8 hours, 26 minutes ago
Description : A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument contactno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 06:15:00 GMT

read more

CVE-2024-13688 - WordPress ASE Password Protection Hardcoded Password Bypass

CVE ID : CVE-2024-13688
Published : April 28, 2025, 6:15 a.m. | 6 hours, 9 minutes ago
Description : The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing attacker to bypass the protection offered via a crafted request
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 06:15:00 GMT

read more

CVE-2024-9771 - WordPress WP-Recall Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-9771
Published : April 28, 2025, 6:15 a.m. | 6 hours, 9 minutes ago
Description : The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 06:15:00 GMT

read more

CVE-2025-0627 - WordPress Tag, Category, and Taxonomy Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-0627
Published : April 28, 2025, 6:15 a.m. | 6 hours, 9 minutes ago
Description : The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 06:15:00 GMT

read more

CVE-2025-4003 - Apache RefindPlus null pointer dereference vulnerability

CVE ID : CVE-2025-4003
Published : April 28, 2025, 6:15 a.m. | 6 hours, 9 minutes ago
Description : A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB. It has been classified as problematic. This affects the function InternalApfsTranslateBlock of the file Library/RP_ApfsLib/RP_ApfsIo.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The patch is named 4d35125ca689a255647e9033dd60c257d26df7cb. It is recommended to apply a patch to fix this issue.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 06:15:00 GMT

read more

CVE-2025-4001 - "Scip File Descriptor Handler Uncontrolled File Descriptor Consumption Vulnerability"

CVE ID : CVE-2025-4001
Published : April 28, 2025, 5:15 a.m. | 7 hours, 9 minutes ago
Description : A vulnerability has been found in scipopt scip up to 9.2.1 and classified as problematic. Affected by this vulnerability is the function main of the file examples/LOP/src/genRandomLOPInstance.c of the component File Descriptor Handler. The manipulation of the argument File leads to uncontrolled file descriptor consumption. Local access is required to approach this attack. Upgrading to version 9.2.2 is able to address this issue. The identifier of the patch is d6da63b941216d75fbc1aefea9abf1de6712a2d0. It is recommended to upgrade the affected component.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 05:15:00 GMT

read more

CVE-2025-4002 - Apache RefindPlus Local Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-4002
Published : April 28, 2025, 5:15 a.m. | 7 hours, 9 minutes ago
Description : A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The patch is identified as d2143a1e2deefddd9b105fb7160763c4f8d47ea2. It is recommended to apply a patch to fix this issue.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 05:15:00 GMT

read more

CVE-2025-3999 - Seeyon Zhiyuan OA Web Application System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3999
Published : April 28, 2025, 4:15 a.m. | 8 hours, 8 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\common\js\addDate\date.jsp of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 04:15:00 GMT

read more

CVE-2025-4000 - Seeyon Zhiyuan OA Web Application System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-4000
Published : April 28, 2025, 4:15 a.m. | 8 hours, 8 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\ssoproxy\jsp\ssoproxy.jsp. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 04:15:00 GMT

read more

CVE-2025-3998 - CodeAstro Membership Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3998
Published : April 28, 2025, 4:15 a.m. | 6 hours, 8 minutes ago
Description : A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 04:15:00 GMT

read more

CVE-2025-3706 - 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-3706
Published : April 28, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : The eHRMS from 104 Corporation has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 03:15:00 GMT

read more

CVE-2025-3996 - TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3996
Published : April 28, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home.htm of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 03:15:00 GMT

read more

CVE-2025-3997 - Dazhouda lecms Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-3997
Published : April 28, 2025, 3:15 a.m. | 7 hours, 8 minutes ago
Description : A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 03:15:00 GMT

read more

CVE-2025-3995 - TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3995
Published : April 28, 2025, 2:15 a.m. | 8 hours, 8 minutes ago
Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /boafrm/fromStaticDHCP of the component LAN Settings Page. The manipulation of the argument Hostname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 02:15:00 GMT

read more

CVE-2025-3993 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3993
Published : April 28, 2025, 1:15 a.m. | 7 hours, 8 minutes ago
Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 01:15:00 GMT

read more

CVE-2025-3994 - TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3994
Published : April 28, 2025, 1:15 a.m. | 7 hours, 8 minutes ago
Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 01:15:00 GMT

read more

CVE-2025-26692 - Quick Agent Path Traversal Vulnerability

CVE ID : CVE-2025-26692
Published : April 28, 2025, 12:15 a.m. | 8 hours, 8 minutes ago
Description : Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, arbitrary code may be executed by a remote unauthenticated attacker with the Windows system privilege where the product is running.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 00:15:00 GMT

read more

CVE-2025-27937 - Quick Agent Path Traversal Vulnerability

CVE ID : CVE-2025-27937
Published : April 28, 2025, 12:15 a.m. | 8 hours, 8 minutes ago
Description : Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, an arbitrary file in the affected product may be obtained by a remote attacker who can log in to the product.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 00:15:00 GMT

read more

CVE-2025-31144 - Quick Agent Windows RCE Vulnerability

CVE ID : CVE-2025-31144
Published : April 28, 2025, 12:15 a.m. | 8 hours, 8 minutes ago
Description : Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a remote unauthenticated attacker may attempt to log in to an arbitrary host via Windows system where the product is running.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 00:15:00 GMT

read more

CVE-2025-3991 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3991
Published : April 28, 2025, 12:15 a.m. | 8 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, was found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boafrm/formWdsEncrypt. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 00:15:00 GMT

read more

CVE-2025-3992 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3992
Published : April 28, 2025, 12:15 a.m. | 8 hours, 8 minutes ago
Description : A vulnerability has been found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlwds. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 28 Apr 2025 00:15:00 GMT

read more

CVE-2025-3989 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3989
Published : April 27, 2025, 11:15 p.m. | 9 hours, 8 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this vulnerability is an unknown functionality of the file /boafrm/formStaticDHCP. The manipulation of the argument Hostname leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 23:15:00 GMT

read more

CVE-2025-3990 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3990
Published : April 27, 2025, 11:15 p.m. | 9 hours, 8 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this issue is some unknown functionality of the file /boafrm/formVlan. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 23:15:00 GMT

read more

CVE-2025-3987 - TOTOLINK N150RT Command Injection Vulnerability

CVE ID : CVE-2025-3987
Published : April 27, 2025, 10:15 p.m. | 8 hours, 2 minutes ago
Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 22:15:00 GMT

read more

CVE-2025-3988 - TOTOLINK N150RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-3988
Published : April 27, 2025, 10:15 p.m. | 8 hours, 2 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected is an unknown function of the file /boafrm/formPortFw. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 22:15:00 GMT

read more

CVE-2025-46689 - Ververica Platform Reflected Cross-Site Scripting

CVE ID : CVE-2025-46689
Published : April 27, 2025, 10:15 p.m. | 8 hours, 2 minutes ago
Description : Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 22:15:00 GMT

read more

CVE-2025-46690 - Ververica Platform SQL Connector Unauthorized Access Vulnerability

CVE ID : CVE-2025-46690
Published : April 27, 2025, 10:15 p.m. | 8 hours, 2 minutes ago
Description : Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 22:15:00 GMT

read more

CVE-2025-3985 - Apereo CAS Remote Regular Expression Denial of Service (DoS)

CVE ID : CVE-2025-3985
Published : April 27, 2025, 9:15 p.m. | 9 hours, 2 minutes ago
Description : A vulnerability was found in Apereo CAS 5.2.6. It has been classified as problematic. This affects the function ResponseEntity of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\ManageRegisteredServicesMultiActionController.java. The manipulation of the argument Query leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 21:15:00 GMT

read more

CVE-2025-3986 - Apache Apereo CAS Regular Expression Inefficient Complexity Remote Vulnerability

CVE ID : CVE-2025-3986
Published : April 27, 2025, 9:15 p.m. | 9 hours, 2 minutes ago
Description : A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\core\cas-server-core-configuration-metadata-repository\src\main\java\org\apereo\cas\metadata\rest\CasConfigurationMetadataServerController.java. The manipulation of the argument Name leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 21:15:00 GMT

read more

CVE-2025-46688 - QuickJS Buffer Overflow Vulnerability

CVE ID : CVE-2025-46688
Published : April 27, 2025, 8:15 p.m. | 10 hours, 2 minutes ago
Description : quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 20:15:00 GMT

read more

CVE-2025-3983 - AMTT Hotel Broadband Operation System NLog Down.php Remote Command Injection Vulnerability

CVE ID : CVE-2025-3983
Published : April 27, 2025, 8:15 p.m. | 6 hours, 7 minutes ago
Description : A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manager/system/nlog_down.php. The manipulation of the argument ProtocolType leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 20:15:00 GMT

read more

CVE-2025-3984 - Apereo CAS Groovy Code Handler Code Injection Vulnerability

CVE ID : CVE-2025-3984
Published : April 27, 2025, 8:15 p.m. | 6 hours, 7 minutes ago
Description : A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java of the component Groovy Code Handler. The manipulation leads to code injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 20:15:00 GMT

read more

CVE-2025-46687 - QuickJS Heap Buffer Overflow

CVE ID : CVE-2025-46687
Published : April 27, 2025, 8:15 p.m. | 6 hours, 7 minutes ago
Description : quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 20:15:00 GMT

read more

CVE-2025-2866 - LibreOffice PDF Signature Spoofing

CVE ID : CVE-2025-2866
Published : April 27, 2025, 7:15 p.m. | 7 hours, 7 minutes ago
Description : Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 19:15:00 GMT

read more

CVE-2025-3981 - "Wowjoy Internet Doctor Workstation System Remote Unauthorized Access Vulnerability"

CVE ID : CVE-2025-3981
Published : April 27, 2025, 7:15 p.m. | 7 hours, 7 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This issue affects some unknown processing of the file /v1/prescription/details/. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 19:15:00 GMT

read more

CVE-2025-3982 - Nortikin Sverchok Prototype Pollution Vulnerability

CVE ID : CVE-2025-3982
Published : April 27, 2025, 7:15 p.m. | 7 hours, 7 minutes ago
Description : A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Affected is the function SvSetPropNodeMK2 of the file sverchok/nodes/object_nodes/getsetprop_mk2.py of the component Set Property Mk2 Node. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 19:15:00 GMT

read more

CVE-2025-3979 - Dazhouda Lcms CSRF Vulnerability

CVE ID : CVE-2025-3979
Published : April 27, 2025, 6:15 p.m. | 8 hours, 7 minutes ago
Description : A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 18:15:00 GMT

read more

CVE-2025-3980 - Wowjoy Internet Doctor Workstation System Remote Unauthorized Access Vulnerability

CVE ID : CVE-2025-3980
Published : April 27, 2025, 6:15 p.m. | 8 hours, 7 minutes ago
Description : A vulnerability classified as problematic was found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This vulnerability affects unknown code of the file /v1/prescription/list. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 18:15:00 GMT

read more

CVE-2025-3978 - Dazhouda Lcms Information Disclosure Vulnerability

CVE ID : CVE-2025-3978
Published : April 27, 2025, 5:15 p.m. | 9 hours, 7 minutes ago
Description : A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/user_set.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 17:15:00 GMT

read more

CVE-2025-3964 - Withstars Books-Management-System Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-3964
Published : April 27, 2025, 9:15 a.m. | 11 hours, 6 minutes ago
Description : A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Affected is an unknown function of the file /api/article/del of the component Article Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 09:15:00 GMT

read more

CVE-2024-52887 - Shrew Soft VPN Bookmark Script Injection Vulnerability

CVE ID : CVE-2024-52887
Published : April 27, 2025, 8:15 a.m. | 12 hours, 6 minutes ago
Description : Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 08:15:00 GMT

read more

CVE-2024-52888 - Apache Struts Remote Code Execution

CVE ID : CVE-2024-52888
Published : April 27, 2025, 8:15 a.m. | 12 hours, 6 minutes ago
Description : For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 08:15:00 GMT

read more

CVE-2025-3963 - Withstars Books-Management-System Background Interface Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-3963
Published : April 27, 2025, 8:15 a.m. | 12 hours, 6 minutes ago
Description : A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of the component Background Interface. The manipulation leads to missing authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 08:15:00 GMT

read more

CVE-2025-3961 - Withstars Books-Management-System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3961
Published : April 27, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : A vulnerability classified as problematic has been found in withstars Books-Management-System 1.0. This affects an unknown part of the file /admin/article/add/do. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 07:15:00 GMT

read more

CVE-2025-3962 - Withstars Books-Management-System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3962
Published : April 27, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : A vulnerability classified as problematic was found in withstars Books-Management-System 1.0. This vulnerability affects unknown code of the file /api/comment/add of the component Comment Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 07:15:00 GMT

read more

CVE-2025-3960 - Withstars Books-Management-System Background Interface Missing Authorization Remote Vulnerability

CVE ID : CVE-2025-3960
Published : April 27, 2025, 6:15 a.m. | 10 hours, 6 minutes ago
Description : A vulnerability was found in withstars Books-Management-System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /allreaders.html of the component Background Interface. The manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 06:15:00 GMT

read more

CVE-2025-3959 - "Withstars Books-Management-System Cross-Site Request Forgery Vulnerability"

CVE ID : CVE-2025-3959
Published : April 27, 2025, 5:15 a.m. | 11 hours, 6 minutes ago
Description : A vulnerability was found in withstars Books-Management-System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /reader_delete.html. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 05:15:00 GMT

read more

CVE-2025-3956 - Novel-Cloud SQL Injection Vulnerability

CVE ID : CVE-2025-3956
Published : April 27, 2025, 4:15 a.m. | 12 hours, 6 minutes ago
Description : A vulnerability has been found in 201206030 novel-cloud 1.4.0 and classified as critical. This vulnerability affects the function RestResp of the file novel-cloud-master/novel-book/novel-book-service/src/main/resources/mapper/BookInfoMapper.xml. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 04:15:00 GMT

read more

CVE-2025-3957 - Opplus Springboot-Admin SQL Injection Vulnerability

CVE ID : CVE-2025-3957
Published : April 27, 2025, 4:15 a.m. | 12 hours, 6 minutes ago
Description : A vulnerability was found in opplus springboot-admin 1.0 and classified as critical. This issue affects some unknown processing of the file \src\main\resources\mapper\sys\SysLogDao.xml. The manipulation of the argument order leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 04:15:00 GMT

read more

CVE-2025-3958 - Withstars Books-Management-System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3958
Published : April 27, 2025, 4:15 a.m. | 12 hours, 6 minutes ago
Description : A vulnerability was found in withstars Books-Management-System 1.0. It has been classified as problematic. Affected is an unknown function of the file /book_edit_do.html of the component Book Edit Page. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 04:15:00 GMT

read more

CVE-2025-46580 - GoldenDB Database Information Disclosure and Privilege Escalation Vulnerability

CVE ID : CVE-2025-46580
Published : April 27, 2025, 3:15 a.m. | 13 hours, 6 minutes ago
Description : There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation of business SQL.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 03:15:00 GMT

read more

CVE-2025-46578 - GoldenDB Database SQL Injection Vulnerability

CVE ID : CVE-2025-46578
Published : April 27, 2025, 2:15 a.m. | 14 hours, 6 minutes ago
Description : There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-46579 - GoldenDB DDE Injection Vulnerability

CVE ID : CVE-2025-46579
Published : April 27, 2025, 2:15 a.m. | 14 hours, 6 minutes ago
Description : There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-46574 - GoldenDB Information Disclosure

CVE ID : CVE-2025-46574
Published : April 27, 2025, 2:15 a.m. | 12 hours, 6 minutes ago
Description : There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-46575 - GoldenDB Information Disclosure Vulnerability

CVE ID : CVE-2025-46575
Published : April 27, 2025, 2:15 a.m. | 12 hours, 6 minutes ago
Description : There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-46576 - GoldenDB Database Permission Bypass Vulnerability

CVE ID : CVE-2025-46576
Published : April 27, 2025, 2:15 a.m. | 12 hours, 6 minutes ago
Description : There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-46577 - GoldenDB Database SQL Injection Vulnerability

CVE ID : CVE-2025-46577
Published : April 27, 2025, 2:15 a.m. | 12 hours, 6 minutes ago
Description : There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 02:15:00 GMT

read more

CVE-2025-3955 - "Codeprojects Patient Record Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-3955
Published : April 27, 2025, 1:15 a.m. | 9 hours, 6 minutes ago
Description : A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0. This affects an unknown part of the file /edit_rpatient.php.php. The manipulation of the argument id/lastname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 01:15:00 GMT

read more

CVE-2025-46672 - NASA CryptoLib Crypto Function Status Validation Bypass

CVE ID : CVE-2025-46672
Published : April 27, 2025, 1:15 a.m. | 9 hours, 6 minutes ago
Description : NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 01:15:00 GMT

read more

CVE-2025-46673 - NASA CryptoLib SDLS Protocol Bypass Vulnerability

CVE ID : CVE-2025-46673
Published : April 27, 2025, 1:15 a.m. | 9 hours, 6 minutes ago
Description : NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 01:15:00 GMT

read more

CVE-2025-46674 - NASA CryptoLib Cryptographic Vulnerability

CVE ID : CVE-2025-46674
Published : April 27, 2025, 1:15 a.m. | 9 hours, 5 minutes ago
Description : NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 01:15:00 GMT

read more

CVE-2025-46675 - NASA CryptoLib Cryptographic Key State Validation Bypass

CVE ID : CVE-2025-46675
Published : April 27, 2025, 1:15 a.m. | 9 hours, 5 minutes ago
Description : In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 27 Apr 2025 01:15:00 GMT

read more

CVE-2025-3954 - ChurchCRM Referer Handler Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-3954
Published : April 26, 2025, 10:15 p.m. | 12 hours, 6 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the component Referer Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 22:15:00 GMT

read more

CVE-2025-46656 - Markdownify Headline Prefix Overflow

CVE ID : CVE-2025-46656
Published : April 26, 2025, 10:15 p.m. | 12 hours, 6 minutes ago
Description : python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as in addition to

through

. This causes memory consumption.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 22:15:00 GMT

read more

CVE-2025-46653 - Formidable File Name Guessing Vulnerability

CVE ID : CVE-2025-46653
Published : April 26, 2025, 9:15 p.m. | 11 hours, 6 minutes ago
Description : Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographically secure." (Also, there is a scenario in which only the last two characters of a hexoid string need to be guessed, but this is not often relevant.) NOTE: this does not imply that, in a typical use case, attackers will be able to exploit any hexoid behavior to upload and execute their own content.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 21:15:00 GMT

read more

CVE-2025-46654 - CodiMD through 2.2.0 has a CSP-based protection me

CVE ID : CVE-2025-46654
Published : April 26, 2025, 9:15 p.m. | 11 hours, 6 minutes ago
Description : CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS through uploaded JavaScript content, but it can be bypassed by uploading a .html file that references an uploaded .js file.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 21:15:00 GMT

read more

CVE-2025-46655 - CodiMD AWS S3 SVG XSS Bypass

CVE ID : CVE-2025-46655
Published : April 26, 2025, 9:15 p.m. | 11 hours, 6 minutes ago
Description : CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG documents containing JavaScript, but it can be bypassed in certain cases of different-origin file storage, such as AWS S3. NOTE: it can be considered a user error if AWS is employed for hosting untrusted JavaScript content, but the selected architecture within AWS does not have components that are able to insert Content-Security-Policy headers.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 21:15:00 GMT

read more

CVE-2025-46652 - IZArc Mark-of-the-Web Bypass Information Disclosure Vulnerability

CVE ID : CVE-2025-46652
Published : April 26, 2025, 6:15 p.m. | 14 hours, 6 minutes ago
Description : In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not propagated to the extracted files.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 18:15:00 GMT

read more

CVE-2024-53636 - Serosoft Academia Student Information System (SIS) EagleR File Upload Code Execution Vulnerability

CVE ID : CVE-2024-53636
Published : April 26, 2025, 3:15 p.m. | 11 hours, 5 minutes ago
Description : An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 15:15:00 GMT

read more

CVE-2025-46646 - Ghostscript UTF-8 Encoding Vulnerability

CVE ID : CVE-2025-46646
Published : April 26, 2025, 3:15 p.m. | 11 hours, 5 minutes ago
Description : In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 15:15:00 GMT

read more

CVE-2024-13812 - "Anps Theme Plugin WordPress Shortcode Injection Vulnerability"

CVE ID : CVE-2024-13812
Published : April 26, 2025, 9:15 a.m. | 17 hours, 5 minutes ago
Description : The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.1.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 09:15:00 GMT

read more

CVE-2025-2101 - Edumall WordPress Local File Inclusion Vulnerability

CVE ID : CVE-2025-2101
Published : April 26, 2025, 9:15 a.m. | 17 hours, 5 minutes ago
Description : The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumall_lazy_load_template' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 09:15:00 GMT

read more

CVE-2025-2850 - "GL.iNet Router Unauthorized Download Interface Processing Vulnerability"

CVE ID : CVE-2025-2850
Published : April 26, 2025, 8:15 a.m. | 18 hours, 6 minutes ago
Description : A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been rated as problematic. This issue affects some unknown processing of the component Download Interface. The manipulation leads to improper authorization. It is recommended to upgrade the affected component.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 08:15:00 GMT

read more

CVE-2025-2851 - GL.iNet RPC Handler Buffer Overflow

CVE ID : CVE-2025-2851
Published : April 26, 2025, 8:15 a.m. | 18 hours, 6 minutes ago
Description : A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. Affected is an unknown function of the file plugins.so of the component RPC Handler. The manipulation leads to buffer overflow. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 08:15:00 GMT

read more

CVE-2025-2811 - "GL.iNet Router Regular Expression Complexity Inefficient Vulnerability"

CVE ID : CVE-2025-2811
Published : April 26, 2025, 7:15 a.m. | 19 hours, 6 minutes ago
Description : A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been declared as problematic. This vulnerability affects unknown code of the component API. The manipulation leads to inefficient regular expression complexity. It is recommended to upgrade the affected component.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 07:15:00 GMT

read more

CVE-2025-1458 - Elementor Element Pack Addons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1458
Published : April 26, 2025, 6:15 a.m. | 20 hours, 6 minutes ago
Description : The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets like Dual Button, Creative Button, Image Stack and more in all versions up to, and including, 5.10.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-2105 - Jupiter X Core WordPress PHP Object Injection Vulnerability

CVE ID : CVE-2025-2105
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'raven_download_file' function. This makes it possible for attackers to inject a PHP Object through a PHAR file. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with the file download action, and the ability to upload files is also present. Otherwise, this would be considered exploitable by Contributor-level users and above, because they could create the form needed to successfully exploit this.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-2907 - WordPress Order Delivery Date Plugin Authentication Bypass and CSRF Vulnerability

CVE ID : CVE-2025-2907
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore it also lacks proper checks to only update options relevant to the Order Delivery Date WordPress plugin before 12.3.1. This leads to attackers being able to modify the default_user_role to administrator and users_can_register, allowing them to register as an administrator of the site for complete site takeover.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-3491 - WordPress Add Custom Page Template PHP Code Injection

CVE ID : CVE-2025-3491
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.0.1 via the 'acpt_validate_setting' function. This is due to insufficient sanitization of the 'template_name' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-3906 - Eduzz WooCommerce Unauthorized Data Modification Vulnerability

CVE ID : CVE-2025-3906
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wep_opcoes' function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit the default registration role within the plugin's registration flow to Administrator, which allows any user to create an Administrator account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-3914 - Airtable Aeropage Sync for WordPress Unauthenticated Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-3914
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropage_media_downloader' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2025-3915 - Airtable Aeropage Sync for WordPress Unauthorized Data Deletion Vulnerability

CVE ID : CVE-2025-3915
Published : April 26, 2025, 6:15 a.m. | 20 hours, 5 minutes ago
Description : The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 06:15:00 GMT

read more

CVE-2024-13808 - Xpro Elementor Addons - Pro WordPress Remote Code Execution Vulnerability

CVE ID : CVE-2024-13808
Published : April 26, 2025, 5:15 a.m. | 18 hours, 29 minutes ago
Description : The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to their only being client side controls when determining who can access the widget. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 05:15:00 GMT

read more

CVE-2025-2801 - WordPress Create Custom Forms Plugin Arbitrary Shortcode Execution Vulnerability

CVE ID : CVE-2025-2801
Published : April 26, 2025, 4:15 a.m. | 19 hours, 29 minutes ago
Description : The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 26 Apr 2025 04:15:00 GMT

read more

CVE-2025-32985 - NETSCOUT nGeniusONE Credential Hardcoding Vulnerability

CVE ID : CVE-2025-32985
Published : April 25, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32986 - NETSCOUT nGeniusONE Unauthenticated Sensitive File Access

CVE ID : CVE-2025-32986
Published : April 25, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-46333 - Z2D Stride Compositor Out-of-Bounds Write

CVE ID : CVE-2025-46333
Published : April 25, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : z2d is a pure Zig 2D graphics library. In version 0.6.0, when writing from one surface to another using `z2d.compositor.StrideCompositor.run`, the source surface can be completely out-of-bounds on the x-axis (but not on the y-axis) by way of a negative offset. This results in an overflow of the value controlling the length of the stride. In non-safe optimization modes (consumers compiling with `ReleaseFast` or `ReleaseSmall`), this could potentially lead to invalid memory accesses or corruption. This issue is patched in version 0.6.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32979 - NETSCOUT nGeniusONE Path Traversal Vulnerability

CVE ID : CVE-2025-32979
Published : April 25, 2025, 9:15 p.m. | 16 hours, 27 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32980 - NETSCOUT nGeniusONE Privilege Escalation Weakness

CVE ID : CVE-2025-32980
Published : April 25, 2025, 9:15 p.m. | 23 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32981 - NETSCOUT nGeniusONE Local File Inclusion

CVE ID : CVE-2025-32981
Published : April 25, 2025, 9:15 p.m. | 23 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32982 - NETSCOUT nGeniusONE Broken Authorization Schema Vulnerability

CVE ID : CVE-2025-32982
Published : April 25, 2025, 9:15 p.m. | 23 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32983 - NETSCOUT nGeniusONE Information Disclosure Vulnerability

CVE ID : CVE-2025-32983
Published : April 25, 2025, 9:15 p.m. | 23 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-32984 - NETSCOUT nGeniusONE Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-32984
Published : April 25, 2025, 9:15 p.m. | 23 hours ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 21:15:00 GMT

read more

CVE-2025-28128 - Mytel Telecom Online Account System Authentication Bypass

CVE ID : CVE-2025-28128
Published : April 25, 2025, 8:15 p.m. | 17 hours, 27 minutes ago
Description : An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 20:15:00 GMT

read more

CVE-2025-3935 - ScreenConnect ASP.NET ViewState Code Injection Vulnerability

CVE ID : CVE-2025-3935
Published : April 25, 2025, 7:15 p.m. | 18 hours, 27 minutes ago
Description : ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys.  It is important to note that to obtain these machine keys, privileged system level access must be obtained. If these machine keys are compromised, attackers could create and send a malicious ViewState to the website, potentially leading to remote code execution on the server.  The risk does not originate from a vulnerability introduced by ScreenConnect, but from platform level behavior.  This had no direct impact to ScreenConnect Client. ScreenConnect 2025.4 patch disables ViewState and removes any dependency on it.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 19:15:00 GMT

read more

CVE-2024-30152 - HCL SX Cryptographic Weakness

CVE ID : CVE-2024-30152
Published : April 25, 2025, 6:15 p.m. | 14 hours ago
Description : HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 18:15:00 GMT

read more

CVE-2025-25775 - Codeastro Bus Ticket Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-25775
Published : April 25, 2025, 5:15 p.m. | 15 hours ago
Description : Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 17:15:00 GMT

read more

CVE-2025-2070 - "FileZ XML Parsing Denial of Service"

CVE ID : CVE-2025-2070
Published : April 25, 2025, 4:15 p.m. | 16 hours ago
Description : An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2025-3928 - Commvault Web Server Remote Webshell Execution

CVE ID : CVE-2025-3928
Published : April 25, 2025, 4:15 p.m. | 16 hours ago
Description : Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2021-32601 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2021-32601
Published : April 25, 2025, 4:15 p.m. | 14 hours, 2 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2024-56156 - Halo File Type Validation Bypass Vulnerability

CVE ID : CVE-2024-56156
Published : April 25, 2025, 4:15 p.m. | 14 hours, 2 minutes ago
Description : Halo is an open source website building tool. Prior to version 2.20.13, a vulnerability in Halo allows attackers to bypass file type validation controls. This bypass enables the upload of malicious files including executables and HTML files, which can lead to stored cross-site scripting attacks and potential remote code execution under certain circumstances. This issue has been patched in version 2.20.13.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2025-2068 - FileZ Open Redirect Information Disclosure

CVE ID : CVE-2025-2068
Published : April 25, 2025, 4:15 p.m. | 14 hours, 2 minutes ago
Description : An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2025-2069 - FileZ Cross-Site Scripting (XSS)

CVE ID : CVE-2025-2069
Published : April 25, 2025, 4:15 p.m. | 14 hours, 2 minutes ago
Description : A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 16:15:00 GMT

read more

CVE-2025-43862 - Dify APP Orchestration Privilege Escalation Vulnerability

CVE ID : CVE-2025-43862
Published : April 25, 2025, 3:15 p.m. | 15 hours, 2 minutes ago
Description : Dify is an open-source LLM app development platform. Prior to version 0.6.12, a normal user is able to access and modify APP orchestration, even though the web UI of APP orchestration is not presented for a normal user. This access control flaw allows non-admin users to make unauthorized access and changes on the APPSs. This issue has been patched in version 0.6.12. A workaround for this vulnerability involves updating the the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can access Orchestration of the APPs.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-46432 - JetBrains TeamCity Base64 Credentials Exposure

CVE ID : CVE-2025-46432
Published : April 25, 2025, 3:15 p.m. | 15 hours, 2 minutes ago
Description : In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-46433 - JetBrains TeamCity Path Traversal Vulnerability

CVE ID : CVE-2025-46433
Published : April 25, 2025, 3:15 p.m. | 15 hours, 2 minutes ago
Description : In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-46618 - JetBrains TeamCity Stored XSS Vulnerability

CVE ID : CVE-2025-46618
Published : April 25, 2025, 3:15 p.m. | 15 hours, 2 minutes ago
Description : In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3647 - Moodle Information Disclosure

CVE ID : CVE-2025-3647
Published : April 25, 2025, 3:15 p.m. | 11 hours, 1 minute ago
Description : A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-43016 - JetBrains Rider Unvalidated Archive Unpacking Vulnerability

CVE ID : CVE-2025-43016
Published : April 25, 2025, 3:15 p.m. | 11 hours, 1 minute ago
Description : In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3625 - Moodle Authentication Bypass

CVE ID : CVE-2025-3625
Published : April 25, 2025, 3:15 p.m. | 1 hour, 21 minutes ago
Description : A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3627 - Moodle Information Disclosure Vulnerability

CVE ID : CVE-2025-3627
Published : April 25, 2025, 3:15 p.m. | 1 hour, 21 minutes ago
Description : A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication (2FA).
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3628 - Moodle Anonymous Assignment De-Anonymization Vulnerability

CVE ID : CVE-2025-3628
Published : April 25, 2025, 3:15 p.m. | 1 hour, 21 minutes ago
Description : A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3635 - Moodle CSRF Tour Duplicating Vulnerability

CVE ID : CVE-2025-3635
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3636 - Moodle RSS Feed Access Vulnerability

CVE ID : CVE-2025-3636
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3637 - Moodle CSRF Information Disclosure

CVE ID : CVE-2025-3637
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3638 - Moodle CSRF in Brickfield Tool

CVE ID : CVE-2025-3638
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3640 - Moodle Information Disclosure Vulnerability

CVE ID : CVE-2025-3640
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3641 - Moodle Dropbox Repository Remote Code Execution Vulnerability

CVE ID : CVE-2025-3641
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3642 - Moodle EQUELLA Remote Code Execution Vulnerability

CVE ID : CVE-2025-3642
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3643 - Moodle Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-3643
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting (XSS) risk.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3644 - Moodle Course Section Deletion Privilege Escalation Vulnerability

CVE ID : CVE-2025-3644
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-3645 - Moodle Information Disclosure Vulnerability

CVE ID : CVE-2025-3645
Published : April 25, 2025, 3:15 p.m. | 5 hours, 1 minute ago
Description : A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 15:15:00 GMT

read more

CVE-2025-1565 - WordPress Mayosis Core Plugin Arbitrary File Read Vulnerability

CVE ID : CVE-2025-1565
Published : April 25, 2025, 10:15 a.m. | 4 hours, 20 minutes ago
Description : The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 10:15:00 GMT

read more

CVE-2025-1279 - "WordPress BM Content Builder Unauthenticated Privilege Escalation"

CVE ID : CVE-2025-1279
Published : April 25, 2025, 9:15 a.m. | 5 hours, 20 minutes ago
Description : The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ux_cb_tools_import_item_ajax AJAX action in all versions up to, and including, 3.16.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 09:15:00 GMT

read more

CVE-2025-3870 - "1 Decembrie 1918 WordPress CSRF"

CVE ID : CVE-2025-3870
Published : April 25, 2025, 9:15 a.m. | 5 hours, 20 minutes ago
Description : The 1 Decembrie 1918 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.dec.2012. This is due to missing or incorrect nonce validation on the 1-decembrie-1918/1-decembrie-1918.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 09:15:00 GMT

read more

CVE-2025-46482 - MyThemeShop WP Quiz Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-46482
Published : April 25, 2025, 8:15 a.m. | 6 hours, 20 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz allows Stored XSS.This issue affects WP Quiz: from n/a through 2.0.10.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 08:15:00 GMT

read more

CVE-2025-46535 - AlphaEfficiencyTeam Custom Login and Registration Missing Authorization Vulnerability

CVE ID : CVE-2025-46535
Published : April 25, 2025, 8:15 a.m. | 6 hours, 20 minutes ago
Description : Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 08:15:00 GMT

read more

CVE-2025-2238 - Vikinger WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-2238
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate their privileges to Administrator-level.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-3743 - WooCommerce Upsell Funnel Builder Order Manipulation Vulnerability

CVE ID : CVE-2025-3743
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowing the additional product ID and discount field to be manipulated prior to processing via the 'add_offer_in_cart' function. This makes it possible for unauthenticated attackers to arbitrarily update the product associated with any order bump, and arbitrarily update the discount applied to any order bump item, when adding it to the cart.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-3866 - Google Plus One Social Share Button CSRF Vulnerability

CVE ID : CVE-2025-3866
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-3867 - WordPress Ajax Comment Form CST CSRF

CVE ID : CVE-2025-3867
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : The Ajax Comment Form CST plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation via the 'acform_cst_settings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-3868 - WordPress Custom Admin-Bar Favorites Reflected Cross-Site Scripting

CVE ID : CVE-2025-3868
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : The Custom Admin-Bar Favorites plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'menuObject' parameter in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-46616 - Quantum StorNext Web GUI API RCE

CVE ID : CVE-2025-46616
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-46617 - Quantum StorNext Web GUI API Unauthorized Configuration Access and Modification

CVE ID : CVE-2025-46617
Published : April 25, 2025, 7:15 a.m. | 7 hours, 20 minutes ago
Description : Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 07:15:00 GMT

read more

CVE-2025-3511 - Mitsubishi Electric Corporation CC-Link IE TSN Denial of Service Remote Buffer Overflow

CVE ID : CVE-2025-3511
Published : April 25, 2025, 6:15 a.m. | 8 hours, 20 minutes ago
Description : Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module and CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-3861 - WordPress Prevent Direct Access Unauthorized Access Vulnerability

CVE ID : CVE-2025-3861
Published : April 25, 2025, 6:15 a.m. | 8 hours, 20 minutes ago
Description : The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to unauthorized access and modification of data| due to a misconfigured capability check on the 'pda_lite_custom_permission_check' function in versions 2.8.6 to 2.8.8.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to access and change the protection status of media.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-3923 - WordPress Prevent Direct Access - Sensitive Information Exposure

CVE ID : CVE-2025-3923
Published : April 25, 2025, 6:15 a.m. | 8 hours, 20 minutes ago
Description : The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the 'generate_unique_string' due to insufficient randomness of the generated file name. This makes it possible for unauthenticated attackers to extract sensitive data including files protected by the plugin if the attacker can determine the file name.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-46613 - OpenPLC Server Memory Corruption

CVE ID : CVE-2025-46613
Published : April 25, 2025, 6:15 a.m. | 8 hours, 20 minutes ago
Description : OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a thread may access handleConnections arguments after the parent stack frame becomes unavailable.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-0671 - Icegram Express WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-0671
Published : April 25, 2025, 6:15 a.m. | 5 hours, 59 minutes ago
Description : The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Template settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-2580 - Bit Form WordPress Contact Form Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2580
Published : April 25, 2025, 6:15 a.m. | 5 hours, 59 minutes ago
Description : The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 06:15:00 GMT

read more

CVE-2025-3752 - Able Player WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3752
Published : April 25, 2025, 5:15 a.m. | 6 hours, 59 minutes ago
Description : The Able Player, accessible HTML5 media player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘preload’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 05:15:00 GMT

read more

CVE-2025-3775 - ShopLentor WooCommerce Builder SSRF Vulnerability

CVE ID : CVE-2025-3775
Published : April 25, 2025, 5:15 a.m. | 6 hours, 59 minutes ago
Description : The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 05:15:00 GMT

read more

CVE-2025-46599 - K3s Kubernetes Kubelet ReadWritePort Remote Authentication Bypass

CVE ID : CVE-2025-46599
Published : April 25, 2025, 5:15 a.m. | 6 hours, 59 minutes ago
Description : CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing credentials.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 05:15:00 GMT

read more

CVE-2025-46545 - Sherpa Orchestrator Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46545
Published : April 25, 2025, 3:15 a.m. | 8 hours, 59 minutes ago
Description : In Sherpa Orchestrator 141851, the functionality for adding or updating licenses allows for stored XSS attacks by an administrator through the name parameter. The XSS payload can execute when the license expires.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 03:15:00 GMT

read more

CVE-2025-46546 - Sherpa Orchestrator Blind SQL Injection Vulnerability

CVE ID : CVE-2025-46546
Published : April 25, 2025, 3:15 a.m. | 8 hours, 59 minutes ago
Description : In Sherpa Orchestrator 141851, multiple time-based blind SQL injections can be performed by an authenticated user. This affects api/gui/asset/list, /api/gui/files/export/csv/, /api/gui/files/list, /api/gui/process/export/csv, /api/gui/process/export/xlsx, /api/gui/process/listAll, /api/gui/processVersion/export/csv/, /api/gui/processVersion/export/xlsx/, /api/gui/processVersion/list/, /api/gui/robot/list/, /api/gui/task/export/csv/, /api/gui/task/export/xlsx/, and /api/gui/task/list/.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 03:15:00 GMT

read more

CVE-2025-46547 - Sherpa Orchestrator Cross-Site Request Forgery (XSS, SQL Injection) Vulnerability

CVE ID : CVE-2025-46547
Published : April 25, 2025, 3:15 a.m. | 8 hours, 59 minutes ago
Description : In Sherpa Orchestrator 141851, the web application lacks protection against CSRF attacks, with resultant effects of an attacker conducting XSS attacks, adding a new user or role, or exploiting a SQL injection issue.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 03:15:00 GMT

read more

CVE-2025-46595 - Backdrop CMS Flag Module Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46595
Published : April 25, 2025, 3:15 a.m. | 8 hours, 59 minutes ago
Description : An XSS issue was discovered in the Flag module before 1.x-3.6.2 for Backdrop CMS. Flag is a module that allows flags to be added to nodes, comments, users, and any other type of entity. It doesn't verify flag links before performing the flag action, or verify that the response returned was provided by the flag module. This can allow crafted HTML to result in Cross Site Scripting. This is mitigated by the fact that an attacker must have a role with permission to create links on the website, for example: create or edit comments or content with a filtered text format.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 03:15:00 GMT

read more

CVE-2025-46544 - Sherpa Orchestrator Privilege Escalation Vulnerability

CVE ID : CVE-2025-46544
Published : April 25, 2025, 3:15 a.m. | 2 hours, 59 minutes ago
Description : In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new users and roles.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 03:15:00 GMT

read more

CVE-2025-43864 - React Router Cache Poisoning Vulnerability

CVE ID : CVE-2025-43864
Published : April 25, 2025, 1:15 a.m. | 4 hours, 59 minutes ago
Description : React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the page. If a cache system is in place, this allows the response containing the error to be cached, resulting in a cache poisoning that strongly impacts the availability of the application. This issue has been patched in version 7.5.2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 01:15:00 GMT

read more

CVE-2025-43865 - React Router HTTP Header Injection Vulnerability

CVE ID : CVE-2025-43865
Published : April 25, 2025, 1:15 a.m. | 4 hours, 59 minutes ago
Description : React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values ​​of the data object passed to the HTML. This issue has been patched in version 7.5.2.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 01:15:00 GMT

read more

CVE-2025-2185 - ALBEDO Telecom Net.Time PTP/NTP Clock Authentication Bypass

CVE ID : CVE-2025-2185
Published : April 25, 2025, 12:15 a.m. | 5 hours, 59 minutes ago
Description : ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 00:15:00 GMT

read more

CVE-2025-3606 - Vestel AC Charger Information Disclosure Vulnerability

CVE ID : CVE-2025-3606
Published : April 25, 2025, 12:15 a.m. | 5 hours, 59 minutes ago
Description : Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to access files containing sensitive information, such as credentials which could be used to further compromise the device.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 25 Apr 2025 00:15:00 GMT

read more

CVE-2025-1294 - "eForm for WordPress Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-1294
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-3749 - Breeze Display for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3749
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-46271 - UNI-NMS-Lite Command Injection Vulnerability

CVE ID : CVE-2025-46271
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-46272 - D-Link Router Command Injection Vulnerability

CVE ID : CVE-2025-46272
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to a command injection attack that could allow an unauthenticated attacker to execute OS commands on the host system.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-46273 - UNI-NMS-Lite Hard-Coded Credentials Authentication Bypass

CVE ID : CVE-2025-46273
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-46274 - UNI-NMS-Lite Authentication Bypass

CVE ID : CVE-2025-46274
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2025-46275 - Fortinet FortiSwitch Unauthenticated Administrator Account Creation

CVE ID : CVE-2025-46275
Published : April 24, 2025, 11:15 p.m. | 6 hours, 59 minutes ago
Description : WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without knowing any existing credentials.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 23:15:00 GMT

read more

CVE-2022-44760 - HCL Leap JavaScript Injection

CVE ID : CVE-2022-44760
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2023-37516 - HCL Leap Information Disclosure

CVE ID : CVE-2023-37516
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : Missing "no cache" headers in HCL Leap permits user directory information to be cached.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2024-30127 - HCL Leap HTTP Cache Exposure Vulnerability

CVE ID : CVE-2024-30127
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2025-25777 - Codeastro Bus Ticket Booking System IDOR

CVE ID : CVE-2025-25777
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can access another user's profile without proper authentication or authorization checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2025-29529 - ITC Systems Multiplan/Matrix OneCard SQL Injection

CVE ID : CVE-2025-29529
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2025-43861 - ManageWiki Stored and Reflected XSS Vulnerability

CVE ID : CVE-2025-43861
Published : April 24, 2025, 9:15 p.m. | 8 hours, 59 minutes ago
Description : ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes" dialog, the payload will be rendered and executed in the context of their own session. This issue has been patched in commit 2f177dc.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2022-44759 - HCL Leap SVG Injection Vulnerability

CVE ID : CVE-2022-44759
Published : April 24, 2025, 9:15 p.m. | 4 hours, 59 minutes ago
Description : Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 21:15:00 GMT

read more

CVE-2025-26382 - iSTAR ICU Buffer Overflow

CVE ID : CVE-2025-26382
Published : April 24, 2025, 8:15 p.m. | 5 hours, 59 minutes ago
Description : Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 20:15:00 GMT

read more

CVE-2025-43859 - Apache h11 Chunked-Coding Request Smuggling Vulnerability

CVE ID : CVE-2025-43859
Published : April 24, 2025, 7:15 p.m. | 6 hours, 58 minutes ago
Description : h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 19:15:00 GMT

read more

CVE-2025-43858 - YouTubeDLSharp Windows Command Injection Vulnerability

CVE ID : CVE-2025-43858
Published : April 24, 2025, 6:15 p.m. | 7 hours, 59 minutes ago
Description : YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting `yt-dlp` from a commands prompt running on Windows OS with the `UseWindowsEncodingWorkaround` value defined to true (default behavior). If a user is using built-in methods from the YoutubeDL.cs file, the value is true by default and a user cannot disable it from these methods. This issue has been patched in version 1.1.2.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 18:15:00 GMT

read more

CVE-2024-30113 - HCL Leap Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-30113
Published : April 24, 2025, 5:15 p.m. | 8 hours, 59 minutes ago
Description : Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 17:15:00 GMT

read more

CVE-2024-30114 - HCL Leap Cross-Site Scripting (XSS)

CVE ID : CVE-2024-30114
Published : April 24, 2025, 5:15 p.m. | 8 hours, 59 minutes ago
Description : Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 17:15:00 GMT

read more

CVE-2024-30147 - "Oracle HCL Leap Client-Side Script Injection Vulnerability"

CVE ID : CVE-2024-30147
Published : April 24, 2025, 5:15 p.m. | 8 hours, 59 minutes ago
Description : Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 17:15:00 GMT

read more

CVE-2025-31324 - SAP NetWeaver Unauthenticated Remote Code Execution

CVE ID : CVE-2025-31324
Published : April 24, 2025, 5:15 p.m. | 8 hours, 59 minutes ago
Description : SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 17:15:00 GMT

read more

CVE-2021-47662 - F5 Networks HTTPS DoS Vulnerability

CVE ID : CVE-2021-47662
Published : April 24, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : Due to missing authorization an unauthenticated remote attacker can cause a DoS attack by connecting via HTTPS and triggering the shutdown button.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 10:15:00 GMT

read more

CVE-2021-47663 - Apache Solr JSON Web Tokens Authentication Bypass

CVE ID : CVE-2021-47663
Published : April 24, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 10:15:00 GMT

read more

CVE-2021-47664 - Cisco Authentication Bypass

CVE ID : CVE-2021-47664
Published : April 24, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid usernames.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 10:15:00 GMT

read more

CVE-2025-3872 - Centreon centreon-web SQL Injection

CVE ID : CVE-2025-3872
Published : April 24, 2025, 10:15 a.m. | 1 hour, 59 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web (User configuration form modules) allows SQL Injection. A user with high privileges is able to become administrator by intercepting the contact form request and altering its payload. This issue affects Centreon: from 22.10.0 before 22.10.28, from 23.04.0 before 23.04.25, from 23.10.0 before 23.10.20, from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 10:15:00 GMT

read more

CVE-2024-13307 - Reales WP Real Estate WordPress Theme Unauthenticated File Deletion and Authorization Bypass Vulnerability

CVE ID : CVE-2024-13307
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales_delete_file', 'reales_delete_file_plans', 'reales_add_to_favourites', and 'reales_remove_from_favourites' functions in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary attachments, and add or remove favorite property listings for any user.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-1284 - Woocommerce Automatic Order Printing Insecure Direct Object Reference

CVE ID : CVE-2025-1284
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xc_woo_printer_preview AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's invoices and orders which can contain sensitive information.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-2543 - WordPress Advanced Accordion Gutenberg Block Stored Cross-Site Scripting

CVE ID : CVE-2025-2543
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-2579 - Lottie Player WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2579
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the uploaded file.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3058 - Xelion Webchat WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-3058
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwc_save_settings() function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3065 - Apache Database Toolset Remote File Deletion Vulnerability

CVE ID : CVE-2025-3065
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3101 - WordPress Configurator Theme Core Privilege Escalation Vulnerability

CVE ID : CVE-2025-3101
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change escalate their privileges to Administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3280 - ELEX WooCommerce Advanced Bulk Edit Products, Prices Attributes SQL Injection

CVE ID : CVE-2025-3280
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3300 - "WordPress WPMasterToolKit Directory Traversal Vulnerability"

CVE ID : CVE-2025-3300
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to read and modify the contents of arbitrary files on the server, which can contain sensitive information.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3603 - Flynax Bridge for WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-3603
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3604 - Flynax Bridge WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-3604
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3607 - WordPress Frontend Login and Registration Blocks Privilege Escalation Vulnerability

CVE ID : CVE-2025-3607
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3776 - WordPress TargetSMS Plugin Remote Code Execution Vulnerability

CVE ID : CVE-2025-3776
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_handler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for unauthenticated attackers to execute any callable function on the site, such as phpinfo().
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3793 - Buddypress WordPress Force Password Change Plugin Authentication Bypass

CVE ID : CVE-2025-3793
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior to updating their password through the 'bp_force_password_ajax' function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with subscriber-level access and above and under certain prerequisites, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their accounts.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2025-3832 - "FuseDesk WordPress Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3832
Published : April 24, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘successredirect’ parameter in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 09:15:00 GMT

read more

CVE-2024-12244 - GitLab EE Information Disclosure

CVE ID : CVE-2024-12244
Published : April 24, 2025, 8:15 a.m. | 3 hours, 59 minutes ago
Description : An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting all versions from 17.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 08:15:00 GMT

read more

CVE-2025-0639 - GitLab CE/EE Service Availability Denial of Service

CVE ID : CVE-2025-0639
Published : April 24, 2025, 8:15 a.m. | 3 hours, 59 minutes ago
Description : An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 08:15:00 GMT

read more

CVE-2025-1908 - GitLab Information Disclosure and Session Hijacking Vulnerability

CVE ID : CVE-2025-1908
Published : April 24, 2025, 8:15 a.m. | 3 hours, 59 minutes ago
Description : An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 08:15:00 GMT

read more

CVE-2025-3761 - My Tickets - WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-3761
Published : April 24, 2025, 7:15 a.m. | 4 hours, 58 minutes ago
Description : The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_profile() function not appropriately restricting access to unauthorized users to update roles. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 07:15:00 GMT

read more

CVE-2025-41395 - Mattermost Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-41395
Published : April 24, 2025, 7:15 a.m. | 4 hours, 58 minutes ago
Description : Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate the props used by the RetrospectivePost custom post type in the Playbooks plugin, which allows an attacker to create a specially crafted post with maliciously crafted props and cause a denial of service (DoS) of the web app for all users.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 07:15:00 GMT

read more

CVE-2025-41423 - Mattermost Playbooks API Permission Validation Bypass

CVE ID : CVE-2025-41423
Published : April 24, 2025, 7:15 a.m. | 4 hours, 58 minutes ago
Description : Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate permissions for the API endpoint /plugins/playbooks/api/v0/signal/keywords/ignore-thread, allowing any user or attacker to delete posts containing actions created by the Playbooks bot, even without channel access or appropriate permissions.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 07:15:00 GMT

read more

CVE-2025-32730 - i-PRO Co., Ltd. Surveillance Cameras and Recorders Cryptographic Key Hard-Coded Authentication Bypass

CVE ID : CVE-2025-32730
Published : April 24, 2025, 7:15 a.m. | 56 minutes ago
Description : Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network system for i-PRO Co., Ltd. surveillance cameras and recorders. This vulnerability allows a local authenticated attacker to use the authentication information from the last connected surveillance cameras and recorders.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 07:15:00 GMT

read more

CVE-2025-35965 - Mattermost Denial-of-Service DoS Vulnerability

CVE ID : CVE-2025-35965
Published : April 24, 2025, 7:15 a.m. | 56 minutes ago
Description : Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the uniqueness and quantity of task actions within the UpdateRunTaskActions GraphQL operation, which allows an attacker to create task items containing an excessive number of actions triggered by specific posts, overloading the server and leading to a denial-of-service (DoS) condition.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 07:15:00 GMT

read more

CVE-2025-1453 - WordPress Category Posts Widget Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1453
Published : April 24, 2025, 6:15 a.m. | 1 hour, 56 minutes ago
Description : The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 06:15:00 GMT

read more

CVE-2025-2558 - "WordPress Theme-Wound LFI Vulnerability"

CVE ID : CVE-2025-2558
Published : April 24, 2025, 6:15 a.m. | 1 hour, 56 minutes ago
Description : The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to generate paths passed to include function/s, allowing unauthenticated users to perform LFI attacks and download arbitrary file from the server
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 06:15:00 GMT

read more

CVE-2025-3435 - Mang Board WP Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3435
Published : April 24, 2025, 4:15 a.m. | 3 hours, 56 minutes ago
Description : The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 04:15:00 GMT

read more

CVE-2025-1976 - Brocade Fabric OS Root Privilege Escalation

CVE ID : CVE-2025-1976
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46374 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-46374
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46375 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-46375
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46376 - Cisco Webex Meeting Server Authentication Bypass

CVE ID : CVE-2025-46376
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46377 - Apache HTTP Server Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-46377
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46378 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-46378
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46379 - Apache Web Server Denial of Service

CVE ID : CVE-2025-46379
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46380 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-46380
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46381 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-46381
Published : April 24, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 03:15:00 GMT

read more

CVE-2025-46417 - Apache Picklescan SSL Exfiltration Vulnerability

CVE ID : CVE-2025-46417
Published : April 24, 2025, 1:15 a.m. | 6 hours, 56 minutes ago
Description : The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserialization.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 01:15:00 GMT

read more

CVE-2025-46419 - Westermo WeOS Reboot Remote Command Execution Vulnerability

CVE ID : CVE-2025-46419
Published : April 24, 2025, 1:15 a.m. | 6 hours, 56 minutes ago
Description : Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 01:15:00 GMT

read more

CVE-2025-27580 - NIH BRICS Privilege Escalation and Account Compromise Vulnerability

CVE ID : CVE-2025-27580
Published : April 24, 2025, 12:15 a.m. | 7 hours, 57 minutes ago
Description : NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, including administrators.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 00:15:00 GMT

read more

CVE-2025-27581 - NIH BRICS Unauthenticated Access to InET Module

CVE ID : CVE-2025-27581
Published : April 24, 2025, 12:15 a.m. | 7 hours, 57 minutes ago
Description : NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 24 Apr 2025 00:15:00 GMT

read more

Fuite de données chez Carrefour Mobile

numéro de téléphone, adresse email, mot de passe, adresse, numéro de passeport

Thu Apr 24 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2024-22351 - IBM InfoSphere Information Server Authentication Session Impersonation

CVE ID : CVE-2024-22351
Published : April 23, 2025, 11:15 p.m. | 8 hours, 57 minutes ago
Description : IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 23:15:00 GMT

read more

CVE-2025-25045 - IBM InfoSphere Information Server Information Disclosure

CVE ID : CVE-2025-25045
Published : April 23, 2025, 11:15 p.m. | 8 hours, 57 minutes ago
Description : IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information could be used in further attacks against the system.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 23:15:00 GMT

read more

CVE-2025-25046 - IBM InfoSphere Information Server DataStage Flow Designer Information Disclosure

CVE ID : CVE-2025-25046
Published : April 23, 2025, 11:15 p.m. | 8 hours, 57 minutes ago
Description : IBM InfoSphere Information Server 11.7 DataStage Flow Designer  transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 23:15:00 GMT

read more

CVE-2025-46400 - Fig2dev ArcObject Segmentation Fault Vulnerability

CVE ID : CVE-2025-46400
Published : April 23, 2025, 9:15 p.m. | 10 hours, 57 minutes ago
Description : Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via read_arcobject function.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 21:15:00 GMT

read more

CVE-2025-46397 - "Fig2Dev Bezier Spline Code Execution Vulnerability"

CVE ID : CVE-2025-46397
Published : April 23, 2025, 9:15 p.m. | 8 hours, 22 minutes ago
Description : Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 21:15:00 GMT

read more

CVE-2025-46398 - Fig2Dev Stack Overflow Vulnerability

CVE ID : CVE-2025-46398
Published : April 23, 2025, 9:15 p.m. | 8 hours, 22 minutes ago
Description : Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via read_objects function.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 21:15:00 GMT

read more

CVE-2025-46399 - Fig2Dev Genge Itp Spline Segmentation Fault

CVE ID : CVE-2025-46399
Published : April 23, 2025, 9:15 p.m. | 8 hours, 22 minutes ago
Description : Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via genge_itp_spline function.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 21:15:00 GMT

read more

CVE-2025-28169 - BYD QIN PLUS DM-i Dilink OS Unencrypted Broadcast Vulnerability

CVE ID : CVE-2025-28169
Published : April 23, 2025, 8:15 p.m. | 9 hours, 21 minutes ago
Description : BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to cend broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 20:15:00 GMT

read more

CVE-2025-32818 - SonicWall SonicOS SSLVPN Null Pointer Dereference DoS

CVE ID : CVE-2025-32818
Published : April 23, 2025, 8:15 p.m. | 9 hours, 21 minutes ago
Description : A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 20:15:00 GMT

read more

CVE-2025-3673 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-3673
Published : April 23, 2025, 7:16 p.m. | 10 hours, 20 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3092.. Reason: This candidate is a reservation duplicate of CVE-2023-3092. Notes: All CVE users should reference CVE-2023-3092. instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 19:16:00 GMT

read more

CVE-2024-58251 - BusyBox Netstat Terminal Escape Sequence Injection Denial of Service

CVE ID : CVE-2024-58251
Published : April 23, 2025, 6:16 p.m. | 11 hours, 21 minutes ago
Description : In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 18:16:00 GMT

read more

CVE-2025-2770 - BEC Technologies Router Cleartext Password Disclosure

CVE ID : CVE-2025-2770
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2771 - BEC Technologies Router Authentication Bypass Vulnerability

CVE ID : CVE-2025-2771
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25894.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2772 - BEC Technologies Router Credentials Disclosure Vulnerability

CVE ID : CVE-2025-2772
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/tools_usermanage.asp. The issue results from transmitting a list of users and their credentials to be handled on the client side. An attacker can leverage this vulnerability to disclose transported credentials, leading to further compromise. Was ZDI-CAN-25895.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2773 - BEC Technologies Multiple Routers TCP Port 22 Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-2773
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the management interface, which listens on TCP port 22 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-25903.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3900 - "Drupal Colorbox Cross-Site Scripting (XSS)"

CVE ID : CVE-2025-3900
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Colorbox allows Cross-Site Scripting (XSS).This issue affects Colorbox: from 0.0.0 before 2.1.3.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3901 - Drupal Bootstrap Site Alert Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3901
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting (XSS).This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3902 - Drupal Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3902
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Block Class allows Cross-Site Scripting (XSS).This issue affects Block Class: from 4.0.0 before 4.0.1.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3903 - Drupal UEditor - 百度编辑器 File Inclusion Vulnerability

CVE ID : CVE-2025-3903
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Vulnerability in Drupal UEditor - 百度编辑器.This issue affects UEditor - 百度编辑器: *.*.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3904 - "Drupal Sportsleague Authentication Bypass"

CVE ID : CVE-2025-3904
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Vulnerability in Drupal Sportsleague.This issue affects Sportsleague: *.*.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-3907 - Drupal Search API Solr CSRF

CVE ID : CVE-2025-3907
Published : April 23, 2025, 5:16 p.m. | 8 hours, 57 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery.This issue affects Search API Solr: from 0.0.0 before 4.3.9.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2765 - CarlinKit CPC200-CCPA Hard-Coded Credentials Authentication Bypass

CVE ID : CVE-2025-2765
Published : April 23, 2025, 5:16 p.m. | 6 hours, 20 minutes ago
Description : CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from the use of hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-24349.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2767 - Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution

CVE ID : CVE-2025-2767
Published : April 23, 2025, 5:16 p.m. | 6 hours, 20 minutes ago
Description : Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2768 - Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation

CVE ID : CVE-2025-2768
Published : April 23, 2025, 5:16 p.m. | 6 hours, 20 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2025-2769 - Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability

CVE ID : CVE-2025-2769
Published : April 23, 2025, 5:16 p.m. | 6 hours, 20 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 17:16:00 GMT

read more

CVE-2024-47829 - "Pnpm MD5 Path Shortening Collision Vulnerability"

CVE ID : CVE-2024-47829
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name /node_modoules/, there are no version numbers for the libraries they refer to. This issue has been patched in version 10.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-21605 - Redis Unauthenticated Output Buffer Overflow Vulnerability

CVE ID : CVE-2025-21605
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. This issue has been patched in version 7.4.3. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways. Either using network access control tools like firewalls, iptables, security groups, etc, or enabling TLS and requiring users to authenticate using client side certificates.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-32966 - DataEase Remote Code Execution Vulnerability

CVE ID : CVE-2025-32966
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.8, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-32968 - XWiki Blind SQL Injection Vulnerability

CVE ID : CVE-2025-32968
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki. The protection added to this REST API is the same as the one used to validate complete select queries, making it more consistent. However, while the script API always had this protection for complete queries, it's important to note that it's a very strict protection and some valid, but complex, queries might suddenly require the author to have programming right.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-32969 - XWiki Blind SQL Injection Vulnerability

CVE ID : CVE-2025-32969
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.8 and prior to 15.10.16, 16.4.6, and 16.10.1, it is possible for a remote unauthenticated user to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend, including when "Prevent unregistered users from viewing pages, regardless of the page rights" and "Prevent unregistered users from editing pages, regardless of the page rights" options are enabled. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-45429 - Tenda ac9 Stack Overflow Vulnerability

CVE ID : CVE-2025-45429
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-46394 - BusyBox Tar Terminal Escape Sequence File Information Disclosure

CVE ID : CVE-2025-46394
Published : April 23, 2025, 4:15 p.m. | 46 minutes ago
Description : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 16:15:00 GMT

read more

CVE-2025-43965 - ImageMagick MIFF Image Depth Overflow

CVE ID : CVE-2025-43965
Published : April 23, 2025, 3:16 p.m. | 1 hour, 45 minutes ago
Description : In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 15:16:00 GMT

read more

CVE-2025-45427 - Tenda AC9 Stack Overflow Vulnerability

CVE ID : CVE-2025-45427
Published : April 23, 2025, 3:16 p.m. | 1 hour, 45 minutes ago
Description : In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 15:16:00 GMT

read more

CVE-2025-45428 - Tenda AC9 Stack Overflow Vulnerability

CVE ID : CVE-2025-45428
Published : April 23, 2025, 3:16 p.m. | 1 hour, 45 minutes ago
Description : In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 15:16:00 GMT

read more

CVE-2025-46393 - ImageMagick Multispectral Packet Size Overflow

CVE ID : CVE-2025-46393
Published : April 23, 2025, 3:16 p.m. | 1 hour, 45 minutes ago
Description : In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order).
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 15:16:00 GMT

read more

CVE-2025-43716 - Ivanti LANDesk Management Gateway Directory Traversal Vulnerability

CVE ID : CVE-2025-43716
Published : April 23, 2025, 2:15 p.m. | 2 hours, 46 minutes ago
Description : A directory traversal vulnerability exists in Ivanti LANDesk Management Gateway through 4.2-1.9. By appending %3F.php to the URI of the /client/index.php endpoint, an attacker can bypass access controls and gain unauthorized access to various endpoints such as /client/index.php%3F.php/gsb/firewall.php within the management web panel, potentially exposing sensitive device information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 14:15:00 GMT

read more

CVE-2025-2703 - "Jira XY Chart Plugin DOM XSS"

CVE ID : CVE-2025-2703
Published : April 23, 2025, 12:15 p.m. | 4 hours, 46 minutes ago
Description : The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 12:15:00 GMT

read more

CVE-2025-42600 - Meon KYC Brute Force OTP Vulnerability

CVE ID : CVE-2025-42600
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of incorrect One-Time Password (OTP) attempts through certain API endpoints of login process. A remote attacker could exploit this vulnerability by performing a brute force attack on OTP, which could lead to gain unauthorized access to other user accounts.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2025-42601 - Meon KYC Captcha Bypass Vulnerability

CVE ID : CVE-2025-42601
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification mechanism.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2025-42602 - Meon KYC Token Manipulation Vulnerability

CVE ID : CVE-2025-42602
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh tokens in certain API endpoints of authentication process. A remote attacker could exploit this vulnerability by intercepting and manipulating the responses through API request body leading to unauthorized access of other user accounts.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2025-42603 - Meon KYC Plain Text Data Exposure

CVE ID : CVE-2025-42603
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting API response that contains unencrypted sensitive information belonging to other users. Successful exploitation of this vulnerability could allow remote attacker to impersonate the target user and gain unauthorized access to the user account.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2025-42604 - Meon KYC Debug Mode Information Disclosure Vulnerability

CVE ID : CVE-2025-42604
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2025-42605 - Meon Bidding Solutions Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-42605
Published : April 23, 2025, 11:15 a.m. | 5 hours, 46 minutes ago
Description : This vulnerability exists in Meon Bidding Solutions due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remote attacker could exploit this vulnerability by manipulating parameter in the API request body to gain unauthorized access to other user accounts. Successful exploitation of this vulnerability could allow remote attacker to perform authorized manipulation of data associated with other user accounts.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 11:15:00 GMT

read more

CVE-2024-10306 - Apache mod_proxy_cluster Unauthorized Access Vulnerability

CVE ID : CVE-2024-10306
Published : April 23, 2025, 10:15 a.m. | 6 hours, 46 minutes ago
Description : A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 10:15:00 GMT

read more

CVE-2025-1054 - UiCore Elements - WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-1054
Published : April 23, 2025, 10:15 a.m. | 6 hours, 46 minutes ago
Description : The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slider, UI Testimonial Grid, and UI Testimonial Carousel widgets in all versions up to, and including, 1.0.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 10:15:00 GMT

read more

CVE-2025-2595 - CODESYS Visualization Forced Browsing Vulnerability

CVE ID : CVE-2025-2595
Published : April 23, 2025, 8:15 a.m. | 8 hours, 46 minutes ago
Description : An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 08:15:00 GMT

read more

CVE-2025-3529 - WordPress Simple Shopping Cart Sensitive Information Exposure

CVE ID : CVE-2025-3529
Published : April 23, 2025, 8:15 a.m. | 8 hours, 46 minutes ago
Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' parameter. This makes it possible for unauthenticated attackers to view potentially sensitive information and download a digital product without paying for it.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 08:15:00 GMT

read more

CVE-2025-3530 - WordPress Simple Shopping Cart Price Tampering Vulnerability

CVE ID : CVE-2025-3530
Published : April 23, 2025, 8:15 a.m. | 8 hours, 46 minutes ago
Description : The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'product_tmp_two' for computing a security hash against price tampering while using 'wspsc_product' to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass payment for a more expensive item.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 08:15:00 GMT

read more

CVE-2025-0618 - FireEye EDR Agent Persistent Denial of Service Vulnerability

CVE ID : CVE-2025-0618
Published : April 23, 2025, 7:15 a.m. | 9 hours, 46 minutes ago
Description : A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper protection events from being processed, even after a reboot of HX.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 07:15:00 GMT

read more

CVE-2025-0926 - Axis Camera Station Pro File Deletion Privilege Escalation Vulnerability

CVE ID : CVE-2025-0926
Published : April 23, 2025, 6:15 a.m. | 7 hours, 47 minutes ago
Description : Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 06:15:00 GMT

read more

CVE-2025-1056 - Axis Camera Station Pro File Path Traversal Vulnerability

CVE ID : CVE-2025-1056
Published : April 23, 2025, 6:15 a.m. | 7 hours, 47 minutes ago
Description : Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 06:15:00 GMT

read more

CVE-2025-1021 - Synology DiskStation Manager (DSM) File Disclosure

CVE ID : CVE-2025-1021
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46216 - Apache HTTP Server HTTP Request Smuggling

CVE ID : CVE-2025-46216
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46217 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-46217
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46218 - Microsoft Azure AD Authentication

CVE ID : CVE-2025-46218
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46219 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-46219
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46220 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-46220
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46221 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-46221
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46222 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-46222
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46223 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-46223
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-46224 - Dropbox Authentication Bypass

CVE ID : CVE-2025-46224
Published : April 23, 2025, 3:15 a.m. | 10 hours, 47 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 23 Apr 2025 03:15:00 GMT

read more

CVE-2025-3441 - CVE-2022-1234: Adobe Flash Type Confusion Vulnerability

CVE ID : CVE-2025-3441
Published : April 22, 2025, 11:15 p.m. | 12 hours, 27 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 23:15:00 GMT

read more

CVE-2025-27087 - Cray Operating System (COS) Kernel Local Denial of Service (DoS)

CVE ID : CVE-2025-27087
Published : April 22, 2025, 10:15 p.m. | 11 hours, 27 minutes ago
Description : A vulnerability in the kernel of the Cray Operating System (COS) could allow an attacker to perform a local Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 22:15:00 GMT

read more

CVE-2025-37088 - HPE Cray Data Virtualization Service (DVS) Authentication Bypass Vulnerability

CVE ID : CVE-2025-37088
Published : April 22, 2025, 10:15 p.m. | 11 hours, 27 minutes ago
Description : A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on race conditions and configuration, this vulnerability may lead to local/cluster unauthorized access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 22:15:00 GMT

read more

CVE-2025-32965 - XRP Ledger Malicious Code Exfiltration in xrpl.js

CVE ID : CVE-2025-32965
Published : April 22, 2025, 9:15 p.m. | 12 hours, 27 minutes ago
Description : xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely to lead to exploitation as it is not compatible with other 2.x versions. Anyone who used one of these versions should stop immediately and rotate any private keys or secrets used with affected systems. Users of xrpl.js should pgrade to version 4.2.5 or 2.14.3 to receive a patch. To secure funds, think carefully about whether any keys may have been compromised by this supply chain attack, and mitigate by sending funds to secure wallets, and/or rotating keys. If any account's master key is potentially compromised, disable the key.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 21:15:00 GMT

read more

CVE-2025-37087 - HPE Performance Cluster Manager (HPCM) Arbitrary File Access Vulnerability

CVE ID : CVE-2025-37087
Published : April 22, 2025, 9:15 p.m. | 12 hours, 27 minutes ago
Description : A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary file on the server host.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 21:15:00 GMT

read more

CVE-2025-26159 - Laravel Starter XSS in Tag Name Field

CVE ID : CVE-2025-26159
Published : April 22, 2025, 8:15 p.m. | 13 hours, 27 minutes ago
Description : Laravel Starter 11.11.0 is vulnerable to Cross Site Scripting (XSS) in the tags feature. Any user with the ability of create or modify tags can inject malicious JavaScript code in the name field.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 20:15:00 GMT

read more

CVE-2025-29743 - D-Link DIR-816 Command Injection Vulnerability

CVE ID : CVE-2025-29743
Published : April 22, 2025, 8:15 p.m. | 13 hours, 27 minutes ago
Description : D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 20:15:00 GMT

read more

CVE-2025-31327 - SAP Field Logistics Manage Logistics Data Tampering Vulnerability

CVE ID : CVE-2025-31327
Published : April 22, 2025, 7:15 p.m. | 14 hours, 27 minutes ago
Description : SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2025-31328 - SAP Learning Solution CSRF Vulnerability

CVE ID : CVE-2025-31328
Published : April 22, 2025, 7:15 p.m. | 14 hours, 27 minutes ago
Description : SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the confidentiality and integrity of the application without affecting the availability.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2024-53568 - Volmarg Personal Management System Stored XSS

CVE ID : CVE-2024-53568
Published : April 22, 2025, 7:15 p.m. | 8 hours, 47 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2024-53569 - Volmarg Personal Management System Stored XSS

CVE ID : CVE-2024-53569
Published : April 22, 2025, 7:15 p.m. | 12 hours, 25 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the description parameter.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2025-23253 - NVIDIA NvContainer OpenSSL Hard-Coded Constant DLL Injection Vulnerability

CVE ID : CVE-2025-23253
Published : April 22, 2025, 7:15 p.m. | 12 hours, 25 minutes ago
Description : NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2025-29621 - RosarioSIS Content Spoofing Vulnerability

CVE ID : CVE-2025-29621
Published : April 22, 2025, 7:15 p.m. | 12 hours, 25 minutes ago
Description : Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 19:15:00 GMT

read more

CVE-2025-43951 - LabVantage Local File Inclusion Vulnerability

CVE ID : CVE-2025-43951
Published : April 22, 2025, 6:16 p.m. | 11 hours, 46 minutes ago
Description : LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve arbitrary files from the environment via the objectname request parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 18:16:00 GMT

read more

CVE-2025-43952 - Mettler Toledo FreeWeight.Net Web Reports Viewer Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43952
Published : April 22, 2025, 6:16 p.m. | 11 hours, 46 minutes ago
Description : A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 18:16:00 GMT

read more

CVE-2024-11299 - Memberpress WordPress Sensitive Information Exposure

CVE ID : CVE-2025-27907
Published : April 22, 2025, 5:16 p.m. | 45 minutes ago
Description : IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 17:16:00 GMT

read more

CVE-2025-29339 - Open5GS UPF Assertion Failure Vulnerability in PFCP Session Parameter Validation

CVE ID : CVE-2025-29339
Published : April 22, 2025, 5:16 p.m. | 45 minutes ago
Description : An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF (or via direct attack), triggering a fatal assertion check and causing a daemon crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 17:16:00 GMT

read more

CVE-2025-34028 - Commvault Command Center Innovation Release Remote Code Execution Path Traversal

CVE ID : CVE-2025-34028
Published : April 22, 2025, 5:16 p.m. | 45 minutes ago
Description : A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution. This issue affects Command Center Innovation Release: 11.38.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 17:16:00 GMT

read more

CVE-2024-33452 - OpenResty Lua-Nginx Module HTTP Request Smuggling Vulnerability

CVE ID : CVE-2024-33452
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-23249 - NVIDIA NeMo Framework Remote Code Execution (RCE)

CVE ID : CVE-2025-23249
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-23250 - NVIDIA NeMo Framework Arbitrary File Write Code Execution Vulnerability

CVE ID : CVE-2025-23250
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-23251 - NVIDIA NeMo Framework Code Generation Remote Code Execution Vulnerability

CVE ID : CVE-2025-23251
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-28024 - TOTOLINK A810R Buffer Overflow Vulnerability

CVE ID : CVE-2025-28024
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-28030 - TOTOLINK A810R Stack Overflow Vulnerability

CVE ID : CVE-2025-28030
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-28031 - TOTOLINK A810R Hardcoded Telnet Password

CVE ID : CVE-2025-28031
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-28037 - TOTOLINK A810R/A950RG Remote Command Execution

CVE ID : CVE-2025-28037
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-3767 - Centreon BAM SQL Injection Vulnerability

CVE ID : CVE-2025-3767
Published : April 22, 2025, 4:15 p.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM (Boolean KPi Listing modules) allows SQL Injection. This page is only accessible to authenticated users with high privileges. This issue affects Centreon BAM: from 24.10 before 24.10.1, from 24.04 before 24.04.5, from 23.10 before 23.10.10, from 23.04 before 23.04.10.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 16:15:00 GMT

read more

CVE-2025-1950 - IBM Hardware Management Console - Local Command Execution Vulnerability

CVE ID : CVE-2025-1950
Published : April 22, 2025, 3:16 p.m. | 2 hours, 46 minutes ago
Description : IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 15:16:00 GMT

read more

CVE-2025-1951 - IBM Hardware Management Console Privilege Escalation Vulnerability

CVE ID : CVE-2025-1951
Published : April 22, 2025, 3:16 p.m. | 2 hours, 46 minutes ago
Description : IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with unnecessary privileges.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 15:16:00 GMT

read more

CVE-2025-23176 - Apache Web Server SQL Injection Vulnerability

CVE ID : CVE-2025-23176
Published : April 22, 2025, 3:16 p.m. | 2 hours, 46 minutes ago
Description : CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 15:16:00 GMT

read more

CVE-2025-29547 - Rollback Rx Professional Null Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-29547
Published : April 22, 2025, 3:16 p.m. | 2 hours, 46 minutes ago
Description : In Rollback Rx Professional 12.8.0.0, the driver file shieldm.sys allows local users to cause a denial of service because of a null pointer dereference from IOCtl 0x96202000.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 15:16:00 GMT

read more

CVE-2024-40445 - Forkosh Mime Tex Directory Traversal Arbitrary Code Execution

CVE ID : CVE-2024-40445
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : Directory Traversal vulnerability in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted file upload
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2024-40446 - Forkosh Mime Tex Script Injection Vulnerability

CVE ID : CVE-2024-40446
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2024-46546 - NEXTU FLETA AX1500 WIFI6 Router Stack Overflow Denial of Service

CVE ID : CVE-2024-46546
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2025-28032 - TOTOLINK Router Pre-Auth Buffer Overflow Vulnerability

CVE ID : CVE-2025-28032
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2025-28033 - Totolink Router Pre-Auth Buffer Overflow Vulnerability

CVE ID : CVE-2025-28033
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2025-28034 - TOTOLINK Router Pre-Auth Remote Command Execution Vulnerability

CVE ID : CVE-2025-28034
Published : April 22, 2025, 2:15 p.m. | 3 hours, 47 minutes ago
Description : TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 14:15:00 GMT

read more

CVE-2025-23175 - Apache Struts Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-23175
Published : April 22, 2025, 1:15 p.m. | 4 hours, 46 minutes ago
Description : Multiple XSS (CWE-79)
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 13:15:00 GMT

read more

CVE-2025-3458 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3458
Published : April 22, 2025, 12:15 p.m. | 5 hours, 47 minutes ago
Description : The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ocean_gallery_id’ parameter in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The Classic Editor plugin must be installed and activated to exploit the vulnerability.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 12:15:00 GMT

read more

CVE-2025-3472 - WooCommerce Ocean Extra Plugin Shortcode Injection Vulnerability

CVE ID : CVE-2025-3472
Published : April 22, 2025, 12:15 p.m. | 5 hours, 47 minutes ago
Description : The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes when WooCommerce is also installed and activated.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 12:15:00 GMT

read more

CVE-2025-2092 - Checkmk GmbH Checkmk Log File Information Disclosure

CVE ID : CVE-2025-2092
Published : April 22, 2025, 12:15 p.m. | 26 minutes ago
Description : Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files accessible to administrators.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 12:15:00 GMT

read more

CVE-2025-3457 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3457
Published : April 22, 2025, 12:15 p.m. | 26 minutes ago
Description : The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'oceanwp_icon' shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 12:15:00 GMT

read more

CVE-2025-46233 - Sirv CDN and Image Hosting Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46233
Published : April 22, 2025, 10:15 a.m. | 2 hours, 26 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sirv CDN and Image Hosting Sirv allows Stored XSS. This issue affects Sirv: from n/a through 7.5.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46235 - SKT Blocks - Gutenberg based Page Builder Cross-site Scripting

CVE ID : CVE-2025-46235
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg based Page Builder allows Stored XSS. This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 2.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46236 - Link Software LLC HTML Forms Stored Cross-site Scripting (XSS)

CVE ID : CVE-2025-46236
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46237 - Yannick Lefebvre Link Library Cross-site Scripting

CVE ID : CVE-2025-46237
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Stored XSS. This issue affects Link Library: from n/a through 7.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46238 - Apache RBAER Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46238
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rbaer List Last Changes allows Stored XSS. This issue affects List Last Changes: from n/a through 1.2.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46239 - Theme Switcha Cross-site Scripting Vulnerability

CVE ID : CVE-2025-46239
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Theme Switcha allows Stored XSS. This issue affects Theme Switcha: from n/a through 3.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46240 - Simple Download Counter Stored Cross-site Scripting

CVE ID : CVE-2025-46240
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Download Counter allows Stored XSS. This issue affects Simple Download Counter: from n/a through 2.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46241 - Codepeople Appointment Booking Calendar CSRF-Enabled SQL Injection

CVE ID : CVE-2025-46241
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar allows SQL Injection. This issue affects Appointment Booking Calendar: from n/a through 1.3.92.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46242 - Watu Quiz SQL Injection

CVE ID : CVE-2025-46242
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz allows SQL Injection. This issue affects Watu Quiz: from n/a through 3.4.3.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46243 - Sonalsinha21 WooCommerce Recover Abandoned Cart CSRF

CVE ID : CVE-2025-46243
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows Cross Site Request Forgery. This issue affects Recover abandoned cart for WooCommerce: from n/a through 2.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46244 - Dotstore Advanced Linked Variations for Woocommerce Missing Authorization Vulnerability

CVE ID : CVE-2025-46244
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Missing Authorization vulnerability in Dotstore Advanced Linked Variations for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Linked Variations for Woocommerce: from n/a through 1.0.3.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46245 - CreativeMindsSolutions CM Ad Changer CSRF Vulnerability

CVE ID : CVE-2025-46245
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46246 - CM Answers CSRF

CVE ID : CVE-2025-46246
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Answers allows Cross Site Request Forgery. This issue affects CM Answers: from n/a through 3.3.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46247 - Codepeople Appointment Booking Calendar Missing Authorization Vulnerability

CVE ID : CVE-2025-46247
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Missing Authorization vulnerability in codepeople Appointment Booking Calendar allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Appointment Booking Calendar: from n/a through 1.3.92.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46249 - Elementor Simple Calendar CSRF

CVE ID : CVE-2025-46249
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: from n/a through 1.6.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46250 - Vikas Ratudi VForm Cross-site Scripting

CVE ID : CVE-2025-46250
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46251 - VikRestaurants Table Reservations and Take-Away CSRF

CVE ID : CVE-2025-46251
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikRestaurants Table Reservations and Take-Away allows Cross Site Request Forgery. This issue affects VikRestaurants Table Reservations and Take-Away: from n/a through 1.3.3.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46252 - Contact Form 7 SQL Injection Vulnerability

CVE ID : CVE-2025-46252
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kofimokome Message Filter for Contact Form 7 allows SQL Injection. This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.2.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46253 - Ataur GutenKit Stored Cross-site Scripting (XSS)

CVE ID : CVE-2025-46253
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ataur R GutenKit allows Stored XSS. This issue affects GutenKit: from n/a through 2.2.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46254 - Visual Composer Cross-Site Scripting (XSS)

CVE ID : CVE-2025-46254
Published : April 22, 2025, 10:15 a.m. | 4 hours, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through 45.10.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46227 - Brecht Custom Related Posts Cross-site Scripting (XSS)

CVE ID : CVE-2025-46227
Published : April 22, 2025, 10:15 a.m. | 1 hour, 37 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brecht Custom Related Posts allows Stored XSS. This issue affects Custom Related Posts: from n/a through 1.7.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46228 - Bastien Ho Eventpost DOM-Based Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46228
Published : April 22, 2025, 10:15 a.m. | 1 hour, 37 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post allows DOM-Based XSS. This issue affects Event post: from n/a through 5.9.11.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46229 - Israpil Textmetrics Cross-site Scripting Vulnerability

CVE ID : CVE-2025-46229
Published : April 22, 2025, 10:15 a.m. | 1 hour, 37 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Israpil Textmetrics allows Stored XSS. This issue affects Textmetrics: from n/a through 3.6.2.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46231 - SERVIT Software Solutions Affiliate-Toolkit CSRF Vulnerability

CVE ID : CVE-2025-46231
Published : April 22, 2025, 10:15 a.m. | 1 hour, 37 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit allows Cross Site Request Forgery. This issue affects affiliate-toolkit: from n/a through 3.7.3.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-46232 - Alt Text AI Missing Authorization

CVE ID : CVE-2025-46232
Published : April 22, 2025, 10:15 a.m. | 1 hour, 37 minutes ago
Description : Missing Authorization vulnerability in alttextai Download Alt Text AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Download Alt Text AI: from n/a through 1.9.93.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 10:15:00 GMT

read more

CVE-2025-3518 - Apache Stratos File Upload Bypass Vulnerability

CVE ID : CVE-2025-3518
Published : April 22, 2025, 9:15 a.m. | 19 minutes ago
Description : It technically possible for a user to upload a file to a conversation despite the file upload functionality being disabled. The file upload functionality can be enabled or disabled for specific use cases through configuration. In case the functionality is disabled for at least one use case, the system nevertheless allows files to be uploaded through direct API requests. During the upload file, interception and allowed file type rules are still applied correctly. If file sharing is generally enabled, this issue is not of concern.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 09:15:00 GMT

read more

CVE-2025-3519 - Unblu Spark Authorization Bypass File Replacement

CVE ID : CVE-2025-3519
Published : April 22, 2025, 9:15 a.m. | 19 minutes ago
Description : An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID (UUID). In case a participant of this or another conversation gets access to such a file ID, it can be used to replace the file without changing the file name and details or the name of the user who uploaded the file. During the upload, file interception and allowed file type rules are still applied correctly.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 09:15:00 GMT

read more

CVE-2025-26413 - Apache Kvrocks Out-of-Range Index Denial of Service

CVE ID : CVE-2025-26413
Published : April 22, 2025, 8:15 a.m. | 1 hour, 19 minutes ago
Description : Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer and use it as an index of a string. So it will cause the server to crash due to its index is  out of range. This issue affects Apache Kvrocks: through 2.11.1. Users are recommended to upgrade to version 2.12.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 08:15:00 GMT

read more

CVE-2024-13569 - WordPress Front End Users Reflected Cross-Site Scripting

CVE ID : CVE-2024-13569
Published : April 22, 2025, 6:15 a.m. | 3 hours, 19 minutes ago
Description : The Front End Users WordPress plugin through 3.2.32 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 06:15:00 GMT

read more

CVE-2025-2594 - WordPress User Registration Membership Unauthorized Authentication Vulnerability

CVE ID : CVE-2025-2594
Published : April 22, 2025, 6:15 a.m. | 3 hours, 19 minutes ago
Description : The User Registration & Membership WordPress plugin before 4.1.3 does not properly validate data in an AJAX action when the Membership Addon is enabled, allowing attackers to authenticate as any user, including administrators, by simply using the target account's user ID.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 06:15:00 GMT

read more

CVE-2025-2839 - WordPress WP Import Export Lite Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2839
Published : April 22, 2025, 6:15 a.m. | 3 hours, 19 minutes ago
Description : The WP Import Export Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpiePreviewData’ function in all versions up to, and including, 3.9.27 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 06:15:00 GMT

read more

CVE-2025-3814 - WooCommerce Tax Switch Stored Cross-Site Scripting

CVE ID : CVE-2025-3814
Published : April 22, 2025, 6:15 a.m. | 3 hours, 19 minutes ago
Description : The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 06:15:00 GMT

read more

CVE-2024-46899 - Hitachi Ops Center Analyzer Viewpoint OVF Authentication Credentials Leakage Vulnerability

CVE ID : CVE-2024-46899
Published : April 22, 2025, 5:15 a.m. | 4 hours, 19 minutes ago
Description : Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability.This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF: from 10.0.0-00 before 11.0.0-04.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 05:15:00 GMT

read more

CVE-2025-2300 - Hitachi Ops Center Common Services Information Exposure

CVE ID : CVE-2025-2300
Published : April 22, 2025, 5:15 a.m. | 4 hours, 19 minutes ago
Description : Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 05:15:00 GMT

read more

CVE-2025-3616 - Greenshift WordPress Animation and Page Builder Blocks Unvalidated File Upload Vulnerability

CVE ID : CVE-2025-3616
Published : April 22, 2025, 5:15 a.m. | 4 hours, 19 minutes ago
Description : The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_request() function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The arbitrary file upload was sufficiently patched in 11.4.5, but a capability check was added in 11.4.6 to properly prevent unauthorized limited file uploads.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 05:15:00 GMT

read more

CVE-2025-1731 - "USG FLEX H series PostgreSQL Command Privilege Escalation Vulnerability"

CVE ID : CVE-2025-1731
Published : April 22, 2025, 3:15 a.m. | 6 hours, 19 minutes ago
Description : An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 03:15:00 GMT

read more

CVE-2025-1732 - "Fortinet USG FLEX H Series Privilege Escalation Vulnerability"

CVE ID : CVE-2025-1732
Published : April 22, 2025, 3:15 a.m. | 6 hours, 19 minutes ago
Description : An improper privilege management vulnerability in the recovery function of the USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 03:15:00 GMT

read more

CVE-2025-3577 - Zyxel AMG1302-T10B Path Traversal Vulnerability

CVE ID : CVE-2025-3577
Published : April 22, 2025, 3:15 a.m. | 6 hours, 19 minutes ago
Description : **UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTTP request to an affected device.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 03:15:00 GMT

read more

CVE-2024-58250 - ppp Passprompt Privilege Escalation Vulnerability

CVE ID : CVE-2024-58250
Published : April 22, 2025, 1:15 a.m. | 8 hours, 19 minutes ago
Description : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 01:15:00 GMT

read more

CVE-2025-3850 - YXJ2018 SpringBoot-Vue-OnlineExam Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-3850
Published : April 22, 2025, 1:15 a.m. | 8 hours, 19 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 01:15:00 GMT

read more

CVE-2025-3854 - H3C GR-3000AX HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-3854
Published : April 22, 2025, 1:15 a.m. | 8 hours, 19 minutes ago
Description : A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 01:15:00 GMT

read more

CVE-2025-3855 - CodeCanyon RISE Ultimate Project Manager File Inclusion Vulnerability

CVE ID : CVE-2025-3855
Published : April 22, 2025, 1:15 a.m. | 8 hours, 19 minutes ago
Description : A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/team_members/save_profile_image/ of the component Profile Picture Handler. The manipulation of the argument profile_image_file leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 01:15:00 GMT

read more

CVE-2025-3856 - Xxyopen Novel-Plus SQL Injection Vulnerability

CVE ID : CVE-2025-3856
Published : April 22, 2025, 1:15 a.m. | 8 hours, 19 minutes ago
Description : A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 01:15:00 GMT

read more

CVE-2025-2987 - IBM Maximo Asset Management SSRF

CVE ID : CVE-2025-2987
Published : April 22, 2025, 12:15 a.m. | 9 hours, 19 minutes ago
Description : IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 00:15:00 GMT

read more

CVE-2025-3849 - YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability

CVE ID : CVE-2025-3849
Published : April 22, 2025, 12:15 a.m. | 9 hours, 19 minutes ago
Description : A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 22 Apr 2025 00:15:00 GMT

read more

Fuite de données chez Easy Cash

nom, prénom, date de naissance

Tue Apr 22 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-3846 - Markparticle WebServer SQL Injection Vulnerability

CVE ID : CVE-2025-3846
Published : April 21, 2025, 11:15 p.m. | 10 hours, 19 minutes ago
Description : A vulnerability was found in markparticle WebServer up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file code/http/httprequest.cpp of the component Registration. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 23:15:00 GMT

read more

CVE-2025-3847 - Markparticle WebServer SQL Injection Vulnerability

CVE ID : CVE-2025-3847
Published : April 21, 2025, 11:15 p.m. | 10 hours, 19 minutes ago
Description : A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This affects an unknown part of the file code/http/httprequest.cpp of the component Login. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 23:15:00 GMT

read more

CVE-2025-3843 - Panhainan DS-Java CSRF Vulnerability

CVE ID : CVE-2025-3843
Published : April 21, 2025, 10:15 p.m. | 11 hours, 19 minutes ago
Description : A vulnerability was found in panhainan DS-Java 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 22:15:00 GMT

read more

CVE-2025-3845 - Markparticle WebServer Buffer Overflow Vulnerability

CVE ID : CVE-2025-3845
Published : April 21, 2025, 10:15 p.m. | 11 hours, 19 minutes ago
Description : A vulnerability was found in markparticle WebServer up to 1.0. It has been declared as critical. Affected by this vulnerability is the function Buffer::HasWritten of the file code/buffer/buffer.cpp. The manipulation of the argument writePos_ leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 22:15:00 GMT

read more

CVE-2025-3842 - Panhainan DS-Java Code Injection Vulnerability

CVE ID : CVE-2025-3842
Published : April 21, 2025, 9:15 p.m. | 12 hours, 19 minutes ago
Description : A vulnerability was found in panhainan DS-Java 1.0 and classified as critical. This issue affects the function uploadUserPic.action of the file src/com/phn/action/FileUpload.java. The manipulation of the argument fileUpload leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 21:15:00 GMT

read more

CVE-2025-32955 - Harden-Runner Docker Privilege Escalation Vulnerability

CVE ID : CVE-2025-32955
Published : April 21, 2025, 9:15 p.m. | 10 hours, 19 minutes ago
Description : Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to `disable-sudo` bypass. Harden-Runner includes a policy option `disable-sudo` to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with the Docker daemon to launch privileged containers or access the host filesystem. This allows the attacker to regain root access or restore the sudoers file, effectively bypassing the restriction. This issue has been patched in version 2.12.0.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 21:15:00 GMT

read more

CVE-2025-32956 - ManageWiki SQL Injection Vulnerability

CVE ID : CVE-2025-32956
Published : April 21, 2025, 9:15 p.m. | 10 hours, 19 minutes ago
Description : ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix (namespace name, which is the current namespace you are renaming) with an injection payload. This issue has been patched in commit f504ed8. A workaround for this vulnerability involves setting `$wgManageWiki['namespaces'] = false;`.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 21:15:00 GMT

read more

CVE-2025-32958 - Adept Language GitHub Token Exposure

CVE ID : CVE-2025-32958
Published : April 21, 2025, 9:15 p.m. | 10 hours, 19 minutes ago
Description : Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is a zip of the current directory, which includes the automatically generated .git/config file containing the run's GITHUB_TOKEN. Seeing as the artifact can be downloaded prior to the end of the workflow, there is a few seconds where an attacker can extract the token from the artifact and use it with the Github API to push malicious code or rewrite release commits in the AdeptLanguage/Adept repository. This issue has been patched in commit a1a41b7.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 21:15:00 GMT

read more

CVE-2025-3841 - Wix Incubator Jam Jinja2 Template Handler Template Injection Vulnerability

CVE ID : CVE-2025-3841
Published : April 21, 2025, 8:15 p.m. | 9 hours, 19 minutes ago
Description : A vulnerability, which was classified as problematic, was found in wix-incubator jam up to e87a6fd85cf8fb5ff37b62b2d68f917219d07ae9. This affects an unknown part of the file jam.py of the component Jinja2 Template Handler. The manipulation of the argument config['template'] leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 20:15:00 GMT

read more

CVE-2025-27086 - Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM) Authentication Bypass Vulnerability

CVE ID : CVE-2025-27086
Published : April 21, 2025, 6:15 p.m. | 11 hours, 19 minutes ago
Description : A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 18:15:00 GMT

read more

CVE-2025-28103 - LaskBlog Arbitrary Account Deletion Vulnerability

CVE ID : CVE-2025-28103
Published : April 21, 2025, 6:15 p.m. | 11 hours, 19 minutes ago
Description : Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 18:15:00 GMT

read more

CVE-2025-28104 - LaskBlog Information Disclosure

CVE ID : CVE-2025-28104
Published : April 21, 2025, 6:15 p.m. | 11 hours, 19 minutes ago
Description : Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 18:15:00 GMT

read more

CVE-2024-57394 - Qi-ANXIN Tianqing Endpoint Security Management System DLL Hijacking Vulnerability

CVE ID : CVE-2024-57394
Published : April 21, 2025, 6:15 p.m. | 7 hours, 37 minutes ago
Description : The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 18:15:00 GMT

read more

CVE-2025-23174 - Apache Apache Information Disclosure

CVE ID : CVE-2025-23174
Published : April 21, 2025, 5:15 p.m. | 8 hours, 37 minutes ago
Description : CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 17:15:00 GMT

read more

CVE-2025-28099 - Opencms Arbitrary File Read Vulnerability

CVE ID : CVE-2025-28099
Published : April 21, 2025, 5:15 p.m. | 8 hours, 37 minutes ago
Description : opencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage.jsp,
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 17:15:00 GMT

read more

CVE-2025-28102 - FlaskBlog XSS

CVE ID : CVE-2025-28102
Published : April 21, 2025, 5:15 p.m. | 8 hours, 37 minutes ago
Description : A cross-site scripting (XSS) vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 17:15:00 GMT

read more

CVE-2025-29446 - Open-WebUI SSRF Vulnerability

CVE ID : CVE-2025-29446
Published : April 21, 2025, 5:15 p.m. | 8 hours, 37 minutes ago
Description : open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 17:15:00 GMT

read more

CVE-2025-43922 - FileWave Windows Privilege Escalation

CVE ID : CVE-2025-43922
Published : April 21, 2025, 4:15 p.m. | 9 hours, 36 minutes ago
Description : The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2024-12543 - OpenText Content Management Barcode Attribute Manipulation

CVE ID : CVE-2024-12543
Published : April 21, 2025, 4:15 p.m. | 7 hours, 18 minutes ago
Description : User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2025-28367 - MojoPortal Directory Traversal Vulnerability

CVE ID : CVE-2025-28367
Published : April 21, 2025, 4:15 p.m. | 7 hours, 18 minutes ago
Description : mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2025-32431 - Traefik Path Traversal Vulnerability

CVE ID : CVE-2025-32431
Published : April 21, 2025, 4:15 p.m. | 7 hours, 18 minutes ago
Description : Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a /../ in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patched in versions 2.11.24, 3.3.6, and 3.4.0-rc2. A workaround involves adding a `PathRegexp` rule to the matcher to prevent matching a route with a `/../` in the path.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2025-32793 - Cilium Wireguard Transparent Encryption Race Condition

CVE ID : CVE-2025-32793
Published : April 21, 2025, 4:15 p.m. | 7 hours, 18 minutes ago
Description : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2025-3857 - Amazon.IonDotnet Denial of Service Vulnerability

CVE ID : CVE-2025-3857
Published : April 21, 2025, 4:15 p.m. | 7 hours, 18 minutes ago
Description : When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the binary format. If the Ion data is malformed or truncated, this triggers an infinite loop condition that could potentially result in a denial of service. Users should upgrade to Amazon.IonDotnet version 1.3.1 and ensure any forked or derivative code is patched to incorporate the new fixes.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 16:15:00 GMT

read more

CVE-2025-29659 - Yi IOT XY-3820 Remote Command Execution Vulnerability

CVE ID : CVE-2025-29659
Published : April 21, 2025, 3:16 p.m. | 2 hours, 45 minutes ago
Description : Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:16:00 GMT

read more

CVE-2025-29660 - Yi IOT XY-3820 Remote Code Execution Vulnerability

CVE ID : CVE-2025-29660
Published : April 21, 2025, 3:16 p.m. | 2 hours, 45 minutes ago
Description : A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:16:00 GMT

read more

CVE-2025-2298 - Dremio Software File Deletion Authorization Bypass

CVE ID : CVE-2025-2298
Published : April 21, 2025, 3:16 p.m. | 8 hours, 18 minutes ago
Description : An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to insufficient access controls on an API endpoint, enabling any authenticated user to specify and delete files outside their intended scope. Exploiting this flaw could lead to data loss, denial of service (DoS), and potential escalation of impact depending on the deleted files. Affected versions: * Any version of Dremio below 24.0.0 * Dremio 24.3.0 - 24.3.16 * Dremio 25.0.0 - 25.0.14 * Dremio 25.1.0 - 25.1.7 * Dremio 25.2.0 - 25.2.4 Fixed in version:  * Dremio 24.3.17 and above * Dremio 25.0.15 and above * Dremio 25.1.8 and above * Dremio 25.2.5 and above * Dremio 26.0.0 and above
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:16:00 GMT

read more

CVE-2025-2517 - OpenText ArcSight Enterprise Security Manager Domain Reference Leak

CVE ID : CVE-2025-2517
Published : April 21, 2025, 3:16 p.m. | 8 hours, 18 minutes ago
Description : Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:16:00 GMT

read more

CVE-2024-12862 - OpenText Content Server Unauthorized Deletion

CVE ID : CVE-2025-28121
Published : April 21, 2025, 3:15 p.m. | 6 hours, 18 minutes ago
Description : code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:15:00 GMT

read more

CVE-2025-29287 - MCMS Ueditor Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-29287
Published : April 21, 2025, 3:15 p.m. | 6 hours, 18 minutes ago
Description : An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:15:00 GMT

read more

CVE-2024-12863 - OpenText Content Management CE Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-12863
Published : April 21, 2025, 3:15 p.m. | 4 hours, 18 minutes ago
Description : Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:15:00 GMT

read more

CVE-2024-42699 - OpenCMS Cross-Site Scripting (XSS)

CVE ID : CVE-2024-42699
Published : April 21, 2025, 3:15 p.m. | 4 hours, 18 minutes ago
Description : Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 15:15:00 GMT

read more

CVE-2024-41446 - Alkacon OpenCMS Stored XSS Vulnerability

CVE ID : CVE-2024-41446
Published : April 21, 2025, 2:15 p.m. | 5 hours, 18 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the Create/Modify article function.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 14:15:00 GMT

read more

CVE-2025-43916 - Sonos API Open Redirection and Hardcoded Secret Vulnerability

CVE ID : CVE-2025-43916
Published : April 21, 2025, 2:15 p.m. | 5 hours, 18 minutes ago
Description : Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization code may be sent to an attacker-controlled destination. This might have further implications in conjunction with "Decompiling the app revealed a hardcoded secret."
Severity: 3.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 14:15:00 GMT

read more

CVE-2025-32408 - Soffid Console Java Deserialization Remote Code Execution

CVE ID : CVE-2025-32408
Published : April 21, 2025, 1:15 p.m. | 4 hours, 45 minutes ago
Description : In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 13:15:00 GMT

read more

CVE-2025-3837 - "VMware End of Life OVA Connect Remote Code Execution Vulnerability"

CVE ID : CVE-2025-3837
Published : April 21, 2025, 10:15 a.m. | 7 hours, 46 minutes ago
Description : An improper input validation vulnerability is identified in the End of Life (EOL) OVA based connect component which is deployed for installation purposes in the customer internal network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. Under certain circumstances, an actor can manipulate a specific request parameter and inject code execution payload which could lead to a remote code execution on the infrastructure hosting this component.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 10:15:00 GMT

read more

CVE-2025-3838 - "VMware Connect Unauthorized Access to Installer Credentials"

CVE ID : CVE-2025-3838
Published : April 21, 2025, 10:15 a.m. | 7 hours, 46 minutes ago
Description : An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed credentials of the installer. This EOL component was deprecated in September 2023 with end of support extended till January 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 10:15:00 GMT

read more

CVE-2025-3840 - Oracle OVA Connect Installer Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3840
Published : April 21, 2025, 10:15 a.m. | 7 hours, 46 minutes ago
Description : An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. An actor can manipulate the action parameter of the login form to inject malicious scripts which would lead to a XSS attack under certain conditions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 10:15:00 GMT

read more

Le France Cybersecurity Challenge (FCSC) démarre aujourd’hui !

Le France Cybersecurity Challenge (FCSC) démarre aujourd’hui !

anssiadm
Jusqu’au 27 avril 2025, venez vous mesurer aux épreuves du CTF de l’ANSSI et tentez de gagner votre place au sein de la Team France qui défendra nos couleurs lors de l’European Cybersecurity Challenge.

Le France Cybersecurity Challenge (FCSC) est un Capture The Flag (CTF) de type jeopardy créé par les équipes de l’ANSSI et lancé en 2019.

Plus de 100 épreuves vous attendent : crypto, pwn, hardware, web, forensics… Avec une grande nouveauté : une journée de « speedrun » qui se déroulera le samedi 26 avril.

Rendez-vous sur FCSC 2025 !

Trois catégories d'âge à l'inscription

Catégorie junior :

  • Être né(e)s en 2005, 2006, 2007, 2008, 2009, 2010 ou 2011 ;
  • Être de nationalité française ;
  • Candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC).

Catégorie senior :

  • Être né(e)s en 2000, 2001, 2002, 2003 ou 2004 ;
  • Être de nationalité française ;
  • Candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC).

Hors catégorie :

  • Si vous n'êtes pas éligible pour une question d'âge ;
  • Si vous n'êtes pas de nationalité française ;
  • Si vous ne souhaitez pas candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC).

Sélection pour l’European Cybersecurity Challenge

Vous avez moins de 25 ans ? Le FCSC est l’opportunité pour vous d’être sélectionné pour intégrer la Team France qui représentera le drapeau tricolore lors de l’European Cybersecurity Challenge (ECSC) 2025. La prochaine édition aura lieu à Varsovie en Pologne, du 6 au 10 octobre 2025.

FCSC 2025

Mon, 21 Apr 2025 07:04:00 GMT

read more

CVE-2025-43970 - GoBGP MRT Length Validation Buffer Overflow

CVE ID : CVE-2025-43970
Published : April 21, 2025, 1:15 a.m. | 13 hours, 58 minutes ago
Description : An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 01:15:00 GMT

read more

CVE-2025-43971 - GoBGP Zero-Value Software Version Len Panic

CVE ID : CVE-2025-43971
Published : April 21, 2025, 1:15 a.m. | 13 hours, 58 minutes ago
Description : An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 01:15:00 GMT

read more

CVE-2025-43972 - GoBGP FlowSpec Parser Denial of Service

CVE ID : CVE-2025-43972
Published : April 21, 2025, 1:15 a.m. | 13 hours, 58 minutes ago
Description : An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 01:15:00 GMT

read more

CVE-2025-43973 - GoBGP Buffer Overflow Vulnerability

CVE ID : CVE-2025-43973
Published : April 21, 2025, 1:15 a.m. | 13 hours, 58 minutes ago
Description : An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 01:15:00 GMT

read more

CVE-2025-43961 - Fujifilm LibRaw Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43961
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2025-43962 - LibRaw Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43962
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2025-43963 - LibRaw Out-of-Bounds Access Vulnerability

CVE ID : CVE-2025-43963
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2025-43964 - LibRaw Unvalidated Memory Access Vulnerability

CVE ID : CVE-2025-43964
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2025-43966 - Libheif NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-43966
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2025-43967 - Libheif NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-43967
Published : April 21, 2025, 12:15 a.m. | 14 hours, 58 minutes ago
Description : libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 21 Apr 2025 00:15:00 GMT

read more

CVE-2020-36844 - KnowBe4 Security Awareness Training Reflective Cross-Site Scripting

CVE ID : CVE-2020-36844
Published : April 20, 2025, 10:15 p.m. | 16 hours, 58 minutes ago
Description : The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 22:15:00 GMT

read more

CVE-2020-36845 - KnowBe4 Security Awareness Training Cross-Site Scripting (XSS)

CVE ID : CVE-2020-36845
Published : April 20, 2025, 10:15 p.m. | 16 hours, 58 minutes ago
Description : The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 22:15:00 GMT

read more

CVE-2025-43955 - Convertigo TwsCachedXPathAPI Commons-JXPath API Deserialization Vulnerability

CVE ID : CVE-2025-43955
Published : April 20, 2025, 8:15 p.m. | 18 hours, 58 minutes ago
Description : TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs.
Severity: 2.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 20:15:00 GMT

read more

CVE-2025-43954 - QMarkdown Quasar-ui-QMarkdown Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43954
Published : April 20, 2025, 7:15 p.m. | 19 hours, 58 minutes ago
Description : QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 19:15:00 GMT

read more

CVE-2025-3830 - Kuangstudy KuangSimpleBBS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-3830
Published : April 20, 2025, 5:15 p.m. | 21 hours, 58 minutes ago
Description : A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical. Affected by this vulnerability is the function fileUpload of the file src/main/java/com/kuang/controller/QuestionController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 17:15:00 GMT

read more

CVE-2025-3828 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3828
Published : April 20, 2025, 4:15 p.m. | 22 hours, 58 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/view-appointment.php?viewid=11. The manipulation of the argument remark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 16:15:00 GMT

read more

CVE-2025-3829 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3829
Published : April 20, 2025, 4:15 p.m. | 22 hours, 58 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/sales-reports-detail.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 16:15:00 GMT

read more

CVE-2025-3827 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3827
Published : April 20, 2025, 3:15 p.m. | 21 hours, 7 minutes ago
Description : A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 15:15:00 GMT

read more

CVE-2025-3826 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3826
Published : April 20, 2025, 1:15 p.m. | 23 hours, 7 minutes ago
Description : A vulnerability, which was classified as problematic, was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part of the file add-supplier.php. The manipulation of the argument txtsupplier_name/txtaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 13:15:00 GMT

read more

CVE-2025-3825 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3825
Published : April 20, 2025, 12:15 p.m. | 1 day ago
Description : A vulnerability, which was classified as problematic, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this issue is some unknown functionality of the file add-category.php. The manipulation of the argument txtcategory_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 12:15:00 GMT

read more

CVE-2025-3823 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3823
Published : April 20, 2025, 11:15 a.m. | 22 hours, 27 minutes ago
Description : A vulnerability classified as problematic has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file add-stock.php. The manipulation of the argument txttotalcost/txtproductID/txtprice/txtexpirydate leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 11:15:00 GMT

read more

CVE-2025-3824 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3824
Published : April 20, 2025, 11:15 a.m. | 22 hours, 27 minutes ago
Description : A vulnerability classified as problematic was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this vulnerability is an unknown functionality of the file add-product.php. The manipulation of the argument txtprice/txtproduct_name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 11:15:00 GMT

read more

CVE-2025-3822 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3822
Published : April 20, 2025, 7:15 a.m. | 1 day, 2 hours ago
Description : A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirm_password/txtnew_password/txtold_password leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 07:15:00 GMT

read more

CVE-2025-3821 - SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3821
Published : April 20, 2025, 4:15 a.m. | 1 day, 3 hours ago
Description : A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file add-admin.php. The manipulation of the argument txtpassword/txtfullname/txtemail leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 04:15:00 GMT

read more

CVE-2025-43929 - Kitty Open Actions Local File Execution Vulnerability

CVE ID : CVE-2025-43929
Published : April 20, 2025, 3:15 a.m. | 1 day, 2 hours ago
Description : open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened in KDE ghostwriter).
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 03:15:00 GMT

read more

CVE-2025-43928 - Infodraw Media Relay Service File Reading Vulnerability

CVE ID : CVE-2025-43928
Published : April 20, 2025, 3:15 a.m. | 20 hours, 36 minutes ago
Description : In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 hashing.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 03:15:00 GMT

read more

CVE-2025-43919 - cPanel WHM GNU Mailman File Traversal Vulnerability

CVE ID : CVE-2025-43919
Published : April 20, 2025, 1:15 a.m. | 22 hours, 36 minutes ago
Description : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 01:15:00 GMT

read more

CVE-2025-43920 - cPanel WHM Shell Command Injection Vulnerability

CVE ID : CVE-2025-43920
Published : April 20, 2025, 1:15 a.m. | 22 hours, 36 minutes ago
Description : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 01:15:00 GMT

read more

CVE-2025-43921 - cPanel WHM GNU Mailman Unauthenticated List Creation Vulnerability

CVE ID : CVE-2025-43921
Published : April 20, 2025, 1:15 a.m. | 22 hours, 36 minutes ago
Description : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 20 Apr 2025 01:15:00 GMT

read more

CVE-2023-26819 - cJSON Denial of Service (DoS)

CVE ID : CVE-2023-26819
Published : April 19, 2025, 10:15 p.m. | 1 day, 1 hour ago
Description : cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 22:15:00 GMT

read more

CVE-2023-30421 - Mjson strtod Denial of Service (DoS)

CVE ID : CVE-2023-30421
Published : April 19, 2025, 10:15 p.m. | 1 day, 1 hour ago
Description : mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 22:15:00 GMT

read more

CVE-2025-43918 - SSL.com Domain Validation Email Spoofing Vulnerability

CVE ID : CVE-2025-43918
Published : April 19, 2025, 10:15 p.m. | 1 day, 1 hour ago
Description : SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 22:15:00 GMT

read more

CVE-2022-47111 - 7-Zip XZ File Format Parsing Vulnerability

CVE ID : CVE-2022-47111
Published : April 19, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : 7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 21:15:00 GMT

read more

CVE-2022-47112 - 7-Zip XZ File Format Parsing Vulnerability

CVE ID : CVE-2022-47112
Published : April 19, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : 7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 21:15:00 GMT

read more

CVE-2025-3820 - Tenda W12 and i24 Remote Stack-Based Buffer Overflow

CVE ID : CVE-2025-3820
Published : April 19, 2025, 9:15 p.m. | 1 day, 2 hours ago
Description : A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 21:15:00 GMT

read more

CVE-2025-3818 - Webpy Web.py PostgresDB SQL Injection Vulnerability

CVE ID : CVE-2025-3818
Published : April 19, 2025, 8:15 p.m. | 1 day, 1 hour ago
Description : A vulnerability, which was classified as critical, was found in webpy web.py 0.70. Affected is the function PostgresDB._process_insert_query of the file web/db.py. The manipulation of the argument seqname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 20:15:00 GMT

read more

CVE-2025-3819 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3819
Published : April 19, 2025, 8:15 p.m. | 1 day, 1 hour ago
Description : A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 20:15:00 GMT

read more

CVE-2025-43917 - Pritunl Client Privilege Escalation Vulnerability

CVE ID : CVE-2025-43917
Published : April 19, 2025, 7:15 p.m. | 1 day ago
Description : In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 19:15:00 GMT

read more

CVE-2025-3817 - SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE ID : CVE-2025-3817
Published : April 19, 2025, 7:15 p.m. | 22 hours, 27 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /oews/classes/Master.php?f=delete_stock. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 19:15:00 GMT

read more

CVE-2025-3808 - Zhenfeng13 My-BBS Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-3808
Published : April 19, 2025, 6:15 p.m. | 21 hours, 36 minutes ago
Description : A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 18:15:00 GMT

read more

CVE-2025-3816 - Westboy CicadasCMS OS Command Injection Vulnerability

CVE ID : CVE-2025-3816
Published : April 19, 2025, 6:15 p.m. | 21 hours, 36 minutes ago
Description : A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 18:15:00 GMT

read more

CVE-2025-3807 - Zhenfeng13 My-BBS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-3807
Published : April 19, 2025, 5:15 p.m. | 22 hours, 36 minutes ago
Description : A vulnerability, which was classified as critical, was found in zhenfeng13 My-BBS 1.0. This affects the function Upload of the file src/main/java/com/my/bbs/controller/common/UploadController.java of the component Endpoint. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 17:15:00 GMT

read more

CVE-2025-3806 - Dazhouda Lcms Cross Site Scripting Vulnerability

CVE ID : CVE-2025-3806
Published : April 19, 2025, 5:15 p.m. | 18 hours, 27 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in dazhouda lecms up to 3.0.3. Affected by this issue is some unknown functionality of the file /admin of the component Edit Profile Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 17:15:00 GMT

read more

CVE-2025-3804 - Thautwarm VSCode-Diana Jinja2 Template Handler Injection Vulnerability

CVE ID : CVE-2025-3804
Published : April 19, 2025, 4:15 p.m. | 19 hours, 27 minutes ago
Description : A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 16:15:00 GMT

read more

CVE-2025-3805 - Jinja2 Template Handler Local File Injection Vulnerability in Sarrionandia Tournatrack

CVE ID : CVE-2025-3805
Published : April 19, 2025, 4:15 p.m. | 19 hours, 27 minutes ago
Description : A vulnerability classified as critical was found in sarrionandia tournatrack up to 4c13a23f43da5317eea4614870a7a8510fc540ec. Affected by this vulnerability is an unknown functionality of the file check_id.py of the component Jinja2 Template Handler. The manipulation of the argument ID leads to injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 16:15:00 GMT

read more

CVE-2025-3802 - Tenda W12 and i24 HTTPd cgiPingSet Stack-Based Buffer Overflow

CVE ID : CVE-2025-3802
Published : April 19, 2025, 3:15 p.m. | 18 hours, 36 minutes ago
Description : A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 15:15:00 GMT

read more

CVE-2025-3803 - Tenda W12 and i24 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-3803
Published : April 19, 2025, 3:15 p.m. | 18 hours, 36 minutes ago
Description : A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 15:15:00 GMT

read more

CVE-2025-3801 - Songquanpeng One-Api Cross Site Scripting Vulnerability

CVE ID : CVE-2025-3801
Published : April 19, 2025, 2:15 p.m. | 16 hours, 30 minutes ago
Description : A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 14:15:00 GMT

read more

CVE-2025-3800 - Oracle WCMS SQL Injection Vulnerability

CVE ID : CVE-2025-3800
Published : April 19, 2025, 12:15 p.m. | 14 hours, 29 minutes ago
Description : A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/controllers/AnonymousController.php. The manipulation of the argument mobile_phone leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 12:15:00 GMT

read more

CVE-2025-3799 - WordPress CMS SQL Injection Vulnerability

CVE ID : CVE-2025-3799
Published : April 19, 2025, 11:15 a.m. | 15 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 11:15:00 GMT

read more

CVE-2025-3798 - Apache WCMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-3798
Published : April 19, 2025, 10:15 a.m. | 16 hours, 29 minutes ago
Description : A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminController.php of the component Advertisement Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 10:15:00 GMT

read more

CVE-2025-3661 - WordPress SB Chart Block Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3661
Published : April 19, 2025, 10:15 a.m. | 14 hours, 29 minutes ago
Description : The SB Chart block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 10:15:00 GMT

read more

CVE-2021-4455 - "Wordpress Smart Product Review Plugin File Upload Vulnerability"

CVE ID : CVE-2021-4455
Published : April 19, 2025, 8:15 a.m. | 16 hours, 29 minutes ago
Description : The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 08:15:00 GMT

read more

CVE-2025-3404 - "WordPress Download Manager Arbitrary File Deletion Vulnerability"

CVE ID : CVE-2025-3404
Published : April 19, 2025, 8:15 a.m. | 16 hours, 29 minutes ago
Description : The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the savePackage function in all versions up to, and including, 3.3.12. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 08:15:00 GMT

read more

CVE-2025-3797 - SeaCMS SQL Injection Vulnerability

CVE ID : CVE-2025-3797
Published : April 19, 2025, 7:15 a.m. | 14 hours, 45 minutes ago
Description : A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 07:15:00 GMT

read more

CVE-2025-2111 - WordPress Insert Headers And Footers CSRF

CVE ID : CVE-2025-2111
Published : April 19, 2025, 6:15 a.m. | 15 hours, 45 minutes ago
Description : The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'custom_plugin_set_option' function. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. The 'WPBRIGADE_SDK__DEV_MODE' constant must be set to 'true' to exploit the vulnerability.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 06:15:00 GMT

read more

CVE-2025-3809 - WordPress Debug Log Manager Stored Cross-Site Scripting

CVE ID : CVE-2025-3809
Published : April 19, 2025, 6:15 a.m. | 15 hours, 45 minutes ago
Description : The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 06:15:00 GMT

read more

CVE-2024-13926 - WordPress WP-Syntax Regular Expression Denial of Service (DoS)

CVE ID : CVE-2024-13926
Published : April 19, 2025, 6:15 a.m. | 8 hours, 28 minutes ago
Description : The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 06:15:00 GMT

read more

CVE-2025-3103 - Elementor CLEVER WordPress File Read Vulnerability

CVE ID : CVE-2025-3103
Published : April 19, 2025, 5:15 a.m. | 9 hours, 28 minutes ago
Description : The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon plugin for WordPress is vulnerable to arbitrary file read due to insufficient file path validation in the 'history.php' file in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to read arbitrary files on the affected site's server, which may contain sensitive information including database credentials. The vulnerability was partially patched in version 2.4.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 05:15:00 GMT

read more

CVE-2025-1093 - WordPress AIHub Theme Remote Code Execution File Upload Vulnerability

CVE ID : CVE-2025-1093
Published : April 19, 2025, 4:15 a.m. | 10 hours, 28 minutes ago
Description : The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 04:15:00 GMT

read more

CVE-2025-1457 - Elementor Element Pack Addons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1457
Published : April 19, 2025, 4:15 a.m. | 10 hours, 28 minutes ago
Description : The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Wrapper Link, Countdown and Gallery widgets in all versions up to, and including, 5.10.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 04:15:00 GMT

read more

CVE-2025-3275 - Themesflat Addons For Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3275
Published : April 19, 2025, 4:15 a.m. | 10 hours, 28 minutes ago
Description : The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF E Slider widget in all versions up to, and including, 2.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 04:15:00 GMT

read more

CVE-2025-3284 - WordPress User Registration Membership CSRF Vulnerability

CVE ID : CVE-2025-3284
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3. This is due to missing or incorrect nonce validation on the user_registration_pro_delete_account() function. This makes it possible for unauthenticated attackers to force delete users, including administrators, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43893 - Apache HTTP Server Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-43893
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43894 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-43894
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43895 - Apache Struts Command Injection

CVE ID : CVE-2025-43895
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43896 - Apache HTTP Server SQL Injection

CVE ID : CVE-2025-43896
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43897 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-43897
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43898 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-43898
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43899 - Apache Apache Struts Command Injection

CVE ID : CVE-2025-43899
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43900 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-43900
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-43901 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-43901
Published : April 19, 2025, 3:15 a.m. | 11 hours, 28 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-3278 - "UrbanGo Membership Plugin Privilege Escalation Vulnerability"

CVE ID : CVE-2025-3278
Published : April 19, 2025, 3:15 a.m. | 10 hours, 36 minutes ago
Description : The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'user_register_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2025-2010 - JobWP WordPress SQL Injection Vulnerability

CVE ID : CVE-2025-2010
Published : April 19, 2025, 3:15 a.m. | 3 hours, 27 minutes ago
Description : The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 19 Apr 2025 03:15:00 GMT

read more

CVE-2024-53591 - Seclore Brute Force Authentication Bypass

CVE ID : CVE-2024-53591
Published : April 18, 2025, 9:15 p.m. | 9 hours, 27 minutes ago
Description : An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a brute force attack.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 21:15:00 GMT

read more

CVE-2025-29058 - Qimou CMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-43903
Published : April 18, 2025, 9:15 p.m. | 13 hours, 28 minutes ago
Description : NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 21:15:00 GMT

read more

CVE-2025-3796 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3796
Published : April 18, 2025, 9:15 p.m. | 12 hours, 35 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/contact-us.php. The manipulation of the argument pagetitle/pagedes/email/mobnumber/timing leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 21:15:00 GMT

read more

CVE-2025-3795 - "DaiCuo SEO Optimization Settings Section Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3795
Published : April 18, 2025, 8:15 p.m. | 10 hours, 27 minutes ago
Description : A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2024-57493 - RedoxOS Relibc Denial of Service Vulnerability

CVE ID : CVE-2024-57493
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the setsockopt function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-25983 - Macro-video Technologies Co.,Ltd V380 Pro Android Information Disclosure

CVE ID : CVE-2025-25983
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component.
Severity: 3.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-25984 - Macro-video Technologies Co.,Ltd V380E6_C1 IP Camera UART Code Execution Vulnerability

CVE ID : CVE-2025-25984
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via UART component.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-25985 - Macro-video Technologies Co.,Ltd V380E6_C1 IP Camera Physical Code Execution Vulnerability

CVE ID : CVE-2025-25985
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/user_info.ini components.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-28197 - Crawl4AI SSRF

CVE ID : CVE-2025-28197
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-32377 - Rasa Pro Unauthenticated Voice Data Injection Vulnerability

CVE ID : CVE-2025-32377
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models (LLMs). A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticated source. This issue has been patched for audiocodes, audiocodes_stream, and genesys connectors in versions 3.9.20, 3.10.19, 3.11.7 and 3.12.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-36625 - Nessus HTTP Request Manipulation Information Disclosure

CVE ID : CVE-2025-36625
Published : April 18, 2025, 8:15 p.m. | 6 hours, 27 minutes ago
Description : In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating http requests to the application.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 20:15:00 GMT

read more

CVE-2025-24914 - Nessus Windows Unsecured Directory Permissions Vulnerability

CVE ID : CVE-2025-24914
Published : April 18, 2025, 7:15 p.m. | 7 hours, 27 minutes ago
Description : When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. - CVE-2025-24914
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 19:15:00 GMT

read more

CVE-2025-28355 - Volmarg Personal Management System CSRF Attack

CVE ID : CVE-2025-28355
Published : April 18, 2025, 7:15 p.m. | 7 hours, 27 minutes ago
Description : Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 19:15:00 GMT

read more

CVE-2025-1697 - HP Touchpoint Analytics Service Privilege Escalation Vulnerability

CVE ID : CVE-2025-1697
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to mitigate this potential vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28231 - Itel Electronics IP Stream Remote Command Execution Vulnerability

CVE ID : CVE-2025-28231
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with Administrator privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28233 - BW Broadcast TX600/150/1000/30/50 Authentication Bypass Vulnerability

CVE ID : CVE-2025-28233
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000, TX30, and TX50 Hardware Version: 2, Software Version: 1.6.0, Control Version: 1.0, AIO Firmware Version: 1.7 allows attackers to access log files and extract session identifiers to execute a session hijacking attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28235 - Soundcraft Ui Series Information Disclosure

CVE ID : CVE-2025-28235
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui Series Model(s) Ui12 and Ui16 Firmware v1.0.7x and v1.0.5x allows attackers to access Administrator credentials in plaintext.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28236 - Nautel VX Series Transmitters Remote Code Execution Vulnerability

CVE ID : CVE-2025-28236
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability allows attackers to execute arbitrary code via supplying a crafted update package to the /#/software/upgrades endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28237 - WorldCast Systems ECRESO FM/DAB/TV Transmitter Privilege Escalation Vulnerability

CVE ID : CVE-2025-28237
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers to escalate privileges via a crafted JSON payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28238 - Elber REBLE310 Session Hijacking Vulnerability

CVE ID : CVE-2025-28238
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10/4ASI allows attackers to execute a session hijacking attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-28242 - DAEnetIP4 METO Session Hijacking Vulnerability

CVE ID : CVE-2025-28242
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Improper session management in the /login_ok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-29512 - NodeBB Cross-Site Scripting (XSS)

CVE ID : CVE-2025-29512
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusable until content is removed via the database.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2025-29513 - NodeBB XSS Stored

CVE ID : CVE-2025-29513
Published : April 18, 2025, 6:15 p.m. | 8 hours, 27 minutes ago
Description : Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 18:15:00 GMT

read more

CVE-2024-41447 - Alkacon OpenCMS Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2024-41447
Published : April 18, 2025, 5:15 p.m. | 2 hours, 35 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 17:15:00 GMT

read more

CVE-2025-28059 - Nagios Network Analyzer Session Hijacking Vulnerability

CVE ID : CVE-2025-28059
Published : April 18, 2025, 5:15 p.m. | 2 hours, 35 minutes ago
Description : An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to retain access to system resources due to improper session invalidation and stale token handling. When an administrator deletes a user account, the backend fails to terminate active sessions and revoke associated API tokens, enabling unauthorized access to restricted functions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 17:15:00 GMT

read more

CVE-2025-29953 - Apache ActiveMQ NMS OpenWire Client Arbitrary Code Execution via Untrusted Deserialization

CVE ID : CVE-2025-29953
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed. The .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether. Users are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-30158 - NamelessMC DoS Frame Injection Vulnerability

CVE ID : CVE-2025-30158
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-30357 - NamelessMC Comment Deletion Privilege Escalation Vulnerability

CVE ID : CVE-2025-30357
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-3124 - GitHub Enterprise Server Private Repository Information Disclosure

CVE ID : CVE-2025-31118
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-31120 - NamelessMC Insecure View Count Mechanism Vulnerability

CVE ID : CVE-2025-31120
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The application relies on a client-side cookie (nl-topic-[tid]) (or session variable for guests) to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics. This issue has been patched in version 2.2.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32389 - NamelessMC SQL Injection

CVE ID : CVE-2025-32389
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by providing an unexpected square bracket GET parameter syntax. Square bracket GET parameter syntax refers to the structure `?param[0]=a¶m[1]=b¶m[2]=c` utilized by PHP, which is parsed by PHP as `$_GET['param']` being of type array. This issue has been patched in version 2.1.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32434 - PyTorch Remote Command Execution (RCE)

CVE ID : CVE-2025-32434
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32442 - Fastify Content-Type Validation Bypass Vulnerability

CVE ID : CVE-2025-32442
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0, applications that specify different validation strategies for different content types have a possibility to bypass validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. This issue has been patched in version 5.3.1. A workaround involves not specifying individual content types in the schema.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32792 - SES JavaScript Lexical Scope Information Disclosure Vulnerability

CVE ID : CVE-2025-32792
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior to version 1.12.0, web pages and web extensions using `ses` and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `` tag will have inadvertently revealed these bindings in the lexical scope of third-party code. This issue has been patched in version 1.12.0. Workarounds for this issue involve either avoiding top-level `let`, `const`, or `class` bindings in `` tags, or change these to `var` bindings to be reflected on `globalThis`.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32795 - Dify App Name, Description and Icon Permission Bypass Vulnerability

CVE ID : CVE-2025-32795
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users are improperly granted permissions to edit APP names, descriptions and icons. This access control flaw allows non-admin users to modify app details, despite being restricted from viewing apps, which poses a security risk to the integrity of the application. This issue has been patched in version 0.6.12. A workaround for this vulnerability involves updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can modify app details.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-32796 - Dify App Management Privilege Escalation Vulnerability

CVE ID : CVE-2025-32796
Published : April 18, 2025, 4:15 p.m. | 3 hours, 35 minutes ago
Description : Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users can enable or disable apps through the API, even though the web UI button for this action is disabled and normal users are not permitted to make such changes. This access control flaw allows non-admin users to make unauthorized changes, which can disrupt the functionality and availability of the APPS. This issue has been patched in version 0.6.12. A workaround for this vulnerability involves updating the API access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can send enable or disable requests for apps.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 16:15:00 GMT

read more

CVE-2025-39469 - Pantherius Modal Survey Cross-site Scripting Vulnerability

CVE ID : CVE-2024-11421
Published : April 18, 2025, 2:15 p.m. | 2 hours, 7 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The developer has disputed this as a vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 14:15:00 GMT

read more

CVE-2025-40364 - Linux Kernel io_uring Buffer Import Vulnerability

CVE ID : CVE-2025-40364
Published : April 18, 2025, 2:15 p.m. | 2 hours, 7 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: io_uring: fix io_req_prep_async with provided buffers io_req_prep_async() can import provided buffers, commit the ring state by giving up on that before, it'll be reimported later if needed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 14:15:00 GMT

read more

CVE-2025-32790 - Dify LLM App Development Platform Unauthorized APP DSL Export Vulnerability

CVE ID : CVE-2025-32790
Published : April 18, 2025, 1:15 p.m. | 3 hours, 6 minutes ago
Description : Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for this vulnerability involves updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can export the APP DSL. This vulnerability is fixed in 0.6.13.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 13:15:00 GMT

read more

CVE-2025-3789 - Baseweb JSite Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3789
Published : April 18, 2025, 1:15 p.m. | 3 hours, 6 minutes ago
Description : A vulnerability was found in baseweb JSite 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /a/sys/area/save. The manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 13:15:00 GMT

read more

CVE-2025-3790 - Apache Druid Monitoring Console Remote Improper Access Controls Vulnerability

CVE ID : CVE-2025-3790
Published : April 18, 2025, 1:15 p.m. | 3 hours, 6 minutes ago
Description : A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 13:15:00 GMT

read more

CVE-2024-45651 - IBM Sterling Connect:Direct Web Services Session Fixation Vulnerability

CVE ID : CVE-2024-45651
Published : April 18, 2025, 11:15 a.m. | 5 hours, 6 minutes ago
Description : IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 11:15:00 GMT

read more

CVE-2024-49808 - IBM Sterling Connect:Direct Web Services Identity Spoofing

CVE ID : CVE-2024-49808
Published : April 18, 2025, 11:15 a.m. | 5 hours, 6 minutes ago
Description : IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated user to spoof the identity of another user due to improper authorization which could allow the user to bypass access restrictions.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 11:15:00 GMT

read more

CVE-2025-3106 - LA-Studio Element Kit for Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3106
Published : April 18, 2025, 10:15 a.m. | 6 hours, 7 minutes ago
Description : The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 10:15:00 GMT

read more

CVE-2025-3787 - PbootCMS Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-3787
Published : April 18, 2025, 10:15 a.m. | 6 hours, 7 minutes ago
Description : A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 10:15:00 GMT

read more

CVE-2025-3788 - Baseweb JSite Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3788
Published : April 18, 2025, 10:15 a.m. | 6 hours, 7 minutes ago
Description : A vulnerability was found in baseweb JSite 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /a/sys/user/save. The manipulation of the argument Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 10:15:00 GMT

read more

CVE-2025-2492 - ASUS Router AiCloud Authentication Bypass

CVE ID : CVE-2025-2492
Published : April 18, 2025, 9:15 a.m. | 7 hours, 7 minutes ago
Description : An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 09:15:00 GMT

read more

CVE-2025-3056 - WordPress Download Manager Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3056
Published : April 18, 2025, 9:15 a.m. | 7 hours, 7 minutes ago
Description : The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 09:15:00 GMT

read more

CVE-2025-3785 - D-Link DWR-M961 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-3785
Published : April 18, 2025, 9:15 a.m. | 7 hours, 7 minutes ago
Description : A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.49 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 09:15:00 GMT

read more

CVE-2025-3786 - Tenda AC15 Wireless Repeat Buffer Overflow Vulnerability

CVE ID : CVE-2025-3786
Published : April 18, 2025, 9:15 a.m. | 7 hours, 7 minutes ago
Description : A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 09:15:00 GMT

read more

CVE-2024-26014 - Cisco WebEx Meeting Center Information Disclosure

CVE ID : CVE-2024-26014
Published : April 18, 2025, 8:15 a.m. | 8 hours, 7 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 08:15:00 GMT

read more

CVE-2025-39728 - Samsung Exynos Linux Clock Array Index Out-of-Bounds

CVE ID : CVE-2025-39728
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init() With UBSAN_ARRAY_BOUNDS=y, I'm hitting the below panic due to dereferencing `ctx->clk_data.hws` before setting `ctx->clk_data.num = nr_clks`. Move that up to fix the crash. UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP Call trace: samsung_clk_init+0x110/0x124 (P) samsung_clk_init+0x48/0x124 (L) samsung_cmu_register_one+0x3c/0xa0 exynos_arm64_register_cmu+0x54/0x64 __gs101_cmu_top_of_clk_init_declare+0x28/0x60 ...
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-39735 - Linux Kernel JFS Slab Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-39735
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in ea_get() During the "size_check" label in ea_get(), the code checks if the extended attribute list (xattr) size matches ea_size. If not, it logs "ea_get: invalid extended attribute" and calls print_hex_dump(). Here, EALIST_SIZE(ea_buf->xattr) returns 4110417968, which exceeds INT_MAX (2,147,483,647). Then ea_size is clamped: int size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf->xattr)); Although clamp_t aims to bound ea_size between 0 and 4110417968, the upper limit is treated as an int, causing an overflow above 2^31 - 1. This leads "size" to wrap around and become negative (-184549328). The "size" is then passed to print_hex_dump() (called "len" in print_hex_dump()), it is passed as type size_t (an unsigned type), this is then stored inside a variable called "int remaining", which is then assigned to "int linelen" which is then passed to hex_dump_to_buffer(). In print_hex_dump() the for loop, iterates through 0 to len-1, where len is 18446744073525002176, calling hex_dump_to_buffer() on each iteration: for (i = 0; i < len; i += rowsize) { linelen = min(remaining, rowsize); remaining -= rowsize; hex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize, linebuf, sizeof(linebuf), ascii); ... } The expected stopping condition (i < len) is effectively broken since len is corrupted and very large. This eventually leads to the "ptr+i" being passed to hex_dump_to_buffer() to get closer to the end of the actual bounds of "ptr", eventually an out of bounds access is done in hex_dump_to_buffer() in the following for loop: for (j = 0; j < len; j++) { if (linebuflen < lx + 2) goto overflow2; ch = ptr[j]; ... } To fix this we should validate "EALIST_SIZE(ea_buf->xattr)" before it is utilised.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-39755 - Linux Kernel Null Pointer Deref Vulnerability in GPib Pcmcia Driver

CVE ID : CVE-2025-39755
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix cb7210 pcmcia Oops The pcmcia_driver struct was still only using the old .name initialization in the drv field. This led to a NULL pointer deref Oops in strcmp called from pcmcia_register_driver. Initialize the pcmcia_driver struct name field.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-39778 - Linux Kernel objtool Out-of-Bounds Stack Read

CVE ID : CVE-2025-39778
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show() The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a potential out-of-bounds stack read. Fix that. Fixes the following warning with an UBSAN kernel: vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-39930 - Linux Kernel ASoC Simple-Card-Utils Use-After-Free Vulnerability

CVE ID : CVE-2025-39930
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is in use. Don't use __free(device_node) in graph_util_parse_dai().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-39989 - In the Linux kernel, the following vulnerability h

CVE ID : CVE-2025-39989
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: x86/mce: use is_copy_from_user() to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. ## 1. What am I trying to do: This patchset resolves two critical regressions related to memory failure handling that have appeared in the upstream kernel since version 5.17, as compared to 5.10 LTS. - copyin case: poison found in user page while kernel copying from user space - instr case: poison found while instruction fetching in user space ## 2. What is the expected outcome and why - For copyin case: Kernel can recover from poison found where kernel is doing get_user() or copy_from_user() if those places get an error return and the kernel return -EFAULT to the process instead of crashing. More specifily, MCE handler checks the fixup handler type to decide whether an in kernel #MC can be recovered. When EX_TYPE_UACCESS is found, the PC jumps to recovery code specified in _ASM_EXTABLE_FAULT() and return a -EFAULT to user space. - For instr case: If a poison found while instruction fetching in user space, full recovery is possible. User process takes #PF, Linux allocates a new page and fills by reading from storage. ## 3. What actually happens and why - For copyin case: kernel panic since v5.17 Commit 4c132d1d844a ("x86/futex: Remove .fixup usage") introduced a new extable fixup type, EX_TYPE_EFAULT_REG, and later patches updated the extable fixup type for copy-from-user operations, changing it from EX_TYPE_UACCESS to EX_TYPE_EFAULT_REG. It breaks previous EX_TYPE_UACCESS handling when posion found in get_user() or copy_from_user(). - For instr case: user process is killed by a SIGBUS signal due to #CMCI and #MCE race When an uncorrected memory error is consumed there is a race between the CMCI from the memory controller reporting an uncorrected error with a UCNA signature, and the core reporting and SRAR signature machine check when the data is about to be consumed. ### Background: why *UN*corrected errors tied to *C*MCI in Intel platform [1] Prior to Icelake memory controllers reported patrol scrub events that detected a previously unseen uncorrected error in memory by signaling a broadcast machine check with an SRAO (Software Recoverable Action Optional) signature in the machine check bank. This was overkill because it's not an urgent problem that no core is on the verge of consuming that bad data. It's also found that multi SRAO UCE may cause nested MCE interrupts and finally become an IERR. Hence, Intel downgrades the machine check bank signature of patrol scrub from SRAO to UCNA (Uncorrected, No Action required), and signal changed to #CMCI. Just to add to the confusion, Linux does take an action (in uc_decode_notifier()) to try to offline the page despite the UC*NA* signature name. ### Background: why #CMCI and #MCE race when poison is consuming in Intel platform [1] Having decided that CMCI/UCNA is the best action for patrol scrub errors, the memory controller uses it for reads too. But the memory controller is executing asynchronously from the core, and can't tell the difference between a "real" read and a speculative read. So it will do CMCI/UCNA if an error is found in any read. Thus: 1) Core is clever and thinks address A is needed soon, issues a speculative read. 2) Core finds it is going to use address A soon after sending the read request 3) The CMCI from the memory controller is in a race with MCE from the core that will soon try to retire the load from address A. Quite often (because speculation has got better) the CMCI from the memory controller is delivered before the core is committed to the instruction reading address A, so the interrupt is taken, and Linux offlines the page (marking it as poison). ## Why user process is killed for instr case Commit 046545a661af ("mm/hwpoison: fix error page recovered but reported "not ---truncated---
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-40014 - "AMD spi objtool Stack Buffer Overflow"

CVE ID : CVE-2025-40014
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() If speed_hz < AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the entire amd_spi_freq array without breaking out early, causing 'i' to go beyond the array bounds. Fix that by stopping the loop when it gets to the last entry, so the low speed_hz value gets clamped up to AMD_SPI_MIN_HZ. Fixes the following warning with an UBSAN kernel: drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-40114 - Linux IIO Light Veml6075 Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-40114
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: iio: light: Add check for array bounds in veml6075_read_int_time_ms The array contains only 5 elements, but the index calculated by veml6075_read_int_time_index can range from 0 to 7, which could lead to out-of-bounds access. The check prevents this issue. Coverity Issue CID 1574309: (#1 of 1): Out-of-bounds read (OVERRUN) overrun-local: Overrunning array veml6075_it_ms of 5 4-byte elements at element index 7 (byte offset 31) using index int_index (which evaluates to 7) This is hardening against potentially broken hardware. Good to have but not necessary to backport.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

CVE-2025-40325 - Linux Kernel MD/Raid10 Wait Barrier Violation (Information Disclosure)

CVE ID : CVE-2025-40325
Published : April 18, 2025, 7:15 a.m. | 9 hours, 6 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQ_NOWAIT raid10_handle_discard should wait barrier before returning a discard bio which has REQ_NOWAIT. And there is no need to print warning calltrace if a discard bio has REQ_NOWAIT flag. Quality engineer usually checks dmesg and reports error if dmesg has warning/error calltrace.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 18 Apr 2025 07:15:00 GMT

read more

Fuite de données chez Indigo

adresse email, plaque d’immatriculation, nom, prénom, numéro de téléphone, adresse postale

Fri Apr 18 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Etat de la menace informatique sur le secteur des transports urbains

Etat de la menace informatique sur le secteur des transports urbains

anssiadm

Les transports urbains constituent un secteur critique et les attaques informatiques qui le visent peuvent avoir des conséquences significatives qui génèrent parfois des difficultés dans la continuité des services ou encore dans la sécurisation des données. La menace à l’encontre des entités du secteur cible des entreprises de toute taille, dans le monde entier, et qui ont la gestion d’une large variété de moyen de transports. Répondant à ses missions de connaissance de la menace informatique, l’ANSSI partage un état de la menace sur le secteur du transport urbain.

Un secteur fortement exposé en 2024

Tout au long de l’année, le contexte des Jeux Olympiques et Paralympiques de Paris 2024 a mis en lumière l’exposition de ce secteur aux cyberattaques, les tensions géopolitiques ayant été un catalyseur fort de cette menace avec de nombreuses attaques par déni de services.

L’imbrication de plusieurs réseaux informatiques de grande taille ainsi que la diversité des équipements qui les composent met en exergue des niveaux de sécurisation hétérogène complexifiant d’autant plus les questions de sécurité des systèmes d’information et augmentant significativement la surface d’attaque.

Les entités du secteur sont également fortement ciblées en raison du grand nombre de données personnelles des usagers, ainsi une attention toute particulière doit être portée à la protection de ces bases de données qui font régulièrement l’objet d’attaques à des fins d’exfiltration.

Prévenir et se protéger contre ces menaces

Dans son état de la menace, l’ANSSI rappelle l’importance d’avoir une approche globale de la sécurité et recommande aux entités de réaliser une cartographie globale des systèmes d’information afin d’identifier les risques affectant l’entité ou encore mesurer la maturité des systèmes d’informations concernés.

Il est essentiel de travailler sur des modes de fonctionnement dégradé notamment pour assurer et préparer en parallèle un plan de continuité d’activité (PCA) et un plan de reprise d’activité (PRA). La mise en pratique ces recommandations permettra au secteur des transports urbains d’anticiper ces menaces.

Thu, 17 Apr 2025 07:37:00 GMT

read more

L’ANSSI publie ses guides sur la remédiation d’incidents en anglais

L’ANSSI publie ses guides sur la remédiation d’incidents en anglais

anssiadm

Suite au lancement, en janvier 2024, d’un corpus sur la remédiation post-incident et l’intégration de trois guides (stratégique, opérationnel, technique) à cette collection, l’ANSSI publie les traductions de ces trois guides en anglais.

L’objectif de ces traductions est de poursuivre la diffusion des piliers doctrinaux élaborés par l’ANSSI, à l’échelle européenne et internationale.

En parallèle, le chantier de l’ANSSI sur la remédiation se poursuit. Le corpus (Piloter la remédiation d’un incident cyber | ANSSI) a vocation à être progressivement enrichi de nouveaux documents, sur la base des échanges menés activement par l’agence avec l’écosystème.

Les traductions peuvent être retrouvées sur la page suivante du site de l’ANSSI en anglais :

Wed, 16 Apr 2025 12:39:00 GMT

read more

CVE-2025-1688 - Milestone XProtect Installer Password Reset Vulnerability

CVE ID : CVE-2025-1688
Published : April 15, 2025, 11:15 a.m. | 1 hour ago
Description : Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that resets system configuration password after the upgrading from older versions using specific installers. The system configuration password is an additional, optional protection that is enabled on the Management Server. To mitigate the issue, we highly recommend updating system configuration password via GUI with a standard procedure. Any system upgraded with 2024 R1 or 2024 R2 release installer is vulnerable to this issue. Systems upgraded from 2023 R3 or older with version 2025 R1 and newer are not affected.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 11:15:00 GMT

read more

CVE-2025-32943 - PeerTube File Traversal Information Disclosure

CVE ID : CVE-2025-32943
Published : April 15, 2025, 11:15 a.m. | 1 hour ago
Description : The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 11:15:00 GMT

read more

CVE-2025-2083 - WordPress Logo Carousel Gutenberg Block Stored Cross-Site Scripting

CVE ID : CVE-2025-2083
Published : April 15, 2025, 10:15 a.m. | 2 hours ago
Description : The Logo Carousel Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘sliderId’ parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 10:15:00 GMT

read more

CVE-2024-45712 - SolarWinds Serv-U Client-Side Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2024-45712
Published : April 15, 2025, 9:15 a.m. | 3 hours ago
Description : SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 09:15:00 GMT

read more

CVE-2025-3574 - T-INNOVA Deporsite Insecure Direct Object Reference

CVE ID : CVE-2025-3574
Published : April 15, 2025, 9:15 a.m. | 3 hours ago
Description : Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/obtenerFamiliaUsuario" endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 09:15:00 GMT

read more

CVE-2025-3575 - T-INNOVA Deporsite Insecure Direct Object Reference

CVE ID : CVE-2025-3575
Published : April 15, 2025, 9:15 a.m. | 3 hours ago
Description : Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/establecerUsuarioSeleccion" endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 09:15:00 GMT

read more

CVE-2025-3578 - Aidex Privilege Escalation and Information Disclosure Vulnerability

CVE ID : CVE-2025-3578
Published : April 15, 2025, 9:15 a.m. | 3 hours ago
Description : A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the exfiltration of sensitive information, such as details about the software or internal system paths. These actions could be carried out through the misuse of LLM Prompt (chatbot) technology, via the /api//message endpoint, by manipulating the contents of the ‘content’ parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 09:15:00 GMT

read more

CVE-2025-3579 - Aidex Command Injection Vulnerability

CVE ID : CVE-2025-3579
Published : April 15, 2025, 9:15 a.m. | 3 hours ago
Description : In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system (Unix) commands, interacting with internal services such as PHP or MySQL, and even invoking native functions of the framework used, such as Laravel or Symfony. This execution is achieved by Prompt Injection attacks through the /api//message endpoint, manipulating the content of the ‘content’ parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 09:15:00 GMT

read more

L'ANSSI publie son rapport d'activité 2024

L'ANSSI publie son rapport d'activité 2024

anssiadm
À l’occasion de la publication de son rapport d’activité 2024, l’ANSSI revient sur une année de mobilisation exceptionnelle tant de ses agents que de « l’équipe de France » de la cybersécurité dans son ensemble.

Face à une menace cyber toujours plus forte, l’année écoulée a de nouveau démontré que la cybersécurité de la Nation est un sport collectif.

Les Jeux olympiques et paralympiques de Paris 2024 comme consécration du modèle français de cyberdéfense

En tant que cheffe de file du volet cyber, l’ANSSI a été au cœur de la préparation des Jeux olympiques et paralympiques de Paris 2024. Le succès de cet événement international majeur est un accomplissement pour l’Agence, qui témoigne également de la pertinence du modèle de cyberdéfense français bâti autour d’une autorité nationale et ancré dans un écosystème élargi et déployé dans les territoires. Les Jeux sont le résultat d’une méthode – anticipation, préparation, entraînement – et d’une équipe – l’écosystème cyber public et privé – qui doivent perdurer pour permettre à la France de rester parmi les grandes nations de la cybersécurité.

La directive NIS 2, vecteur d’une transformation profonde pour l’ANSSI

En 2024, l’ANSSI a poursuivi ses travaux de transposition de la directive NIS 2 qui sont le moteur d’un changement majeur de son organisation, de ses méthodes et de sa manière d’interagir avec ses bénéficiaires et ses partenaires. Déjà fortement mobilisées sur le sujet au cours des dernières années, les équipes de l’Agence continueront de l’être au quotidien, en coordination avec l’écosystème cyber, pour accompagner des milliers d’entités dans leur cybersécurité.

Des progrès précieux pour l’élévation générale de la cybersécurité de l’Union européenne

À l’image du cadre réglementaire défini par NIS 2, ou encore du vote du règlement sur la résilience cyber, pour lesquels l’ANSSI s’est pleinement engagée, la cybersécurité en Europe a connu de belles avancées en 2024. Par ailleurs, face aux évolutions technologiques, et notamment aux technologies de rupture, la conservation d’une maîtrise souveraine des expertises techniques s’impose comme une mission essentielle de l’ANSSI.

L’année 2024 en quelques chiffres :

  • 656 agents âgés en moyenne de 36 ans, œuvrent au quotidien pour la cybersécurité de la Nation, au sein de l’ANSSI.
  • 4 386 (+15%) événements de sécurité traités par l’ANSSI, et 1 361 (+18%) incidents ayant impliqué un acteur malveillant.
  • 68 formations labellisées SecNumedu, 1 696 personnes formées au Centre de formation à la sécurité des systèmes d’information (CFSSI) et 117 856 attestations SecNumacadémie décernées.

L’année 2024 en quelques dates clés :

Au-delà des JOP24 d’autres d’événements ont marqué l’année 2024 :

  • 31 janvier : Adoption du schéma européen de certification de cybersécurité fondé sur des critères commun.
  • 10 mai : Entrée en vigueur du décret d’application de la loi de programmation militaire 2024-2030, permettant à l’ANSSI de mettre en œuvre l’ensemble des nouvelles capacités dont elle l’a dotée.
  • 9 juillet : Publications des recommandations de l’ANSSI pour l’hébergement des systèmes d’information sensible dans le cloud.
  • 15 octobre : Présentation en conseil des ministres du projet de loi relatif à la résilience des activités d’importance vitale, à la protection des infrastructures critiques à la cybersécurité et à la résilience opérationnelle du secteur financier dont le titre II, Cybersécurité, vise à transposer la directive NIS 2.

Cette année exceptionnelle ouvre désormais la voie à une nouvelle étape pour l’ANSSI, qui a été partagée dans notre stratégie pour 2025-2027 . Il s’agit de prendre acte des évolutions non seulement du paysage cyber, mais également de notre environnement plus global. Pour ce faire, nous aurons besoin de « l’équipe de France » de cybersécurité à nos côtes.

Vincent Strubel

Directeur général

Tue, 15 Apr 2025 07:43:00 GMT

read more

CVE-2024-13207 - "Widget for Social Page Feeds WordPress Stored Cross-Site Scripting"

CVE ID : CVE-2024-13207
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : The Widget for Social Page Feeds WordPress plugin before 6.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2024-13610 - "Simple Social Media Share Buttons WordPress Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2024-13610
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : The Simple Social Media Share Buttons WordPress plugin before 6.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2025-2225 - Elementor Responsive Addons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2225
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘rael_title_tag' parameter in all versions up to, and including, 1.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 1.6.9.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2025-32993 - Vision Helpdesk SQL Injection

CVE ID : CVE-2025-32993
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2025-3576 - Kerberos MIT RC4-MD5 GSSAPI Spoofing Vulnerability

CVE ID : CVE-2025-3576
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2025-3622 - Xorbits Inference Deserialization Vulnerability

CVE ID : CVE-2025-3622
Published : April 15, 2025, 6:15 a.m. | 6 hours ago
Description : A vulnerability, which was classified as critical, has been found in Xorbits Inference up to 1.4.1. This issue affects the function load of the file xinference/thirdparty/cosyvoice/cli/model.py. The manipulation leads to deserialization.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 06:15:00 GMT

read more

CVE-2025-3573 - "jQuery Validation Cross-site Scripting (XSS)"

CVE ID : CVE-2025-3573
Published : April 15, 2025, 5:15 a.m. | 7 hours ago
Description : Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 05:15:00 GMT

read more

CVE-2025-29983 - Dell Trusted Device Link Following Vulnerability

CVE ID : CVE-2025-29983
Published : April 15, 2025, 4:15 a.m. | 8 hours ago
Description : Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 04:15:00 GMT

read more

CVE-2025-29984 - Dell Trusted Device Default Permission Vulnerability

CVE ID : CVE-2025-29984
Published : April 15, 2025, 4:15 a.m. | 8 hours ago
Description : Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 04:15:00 GMT

read more

CVE-2025-32939 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-32939
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-32940 - Apache Struts Code Injection Vulnerability

CVE ID : CVE-2025-32940
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-32941 - Apache HTTP Server Unvalidated Request Parameter

CVE ID : CVE-2025-32941
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-32996 - Apache HTTP Proxy Middleware Write-What-Where Information Disclosure

CVE ID : CVE-2025-32996
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-32997 - Apache http-proxy-middleware JSON Body Injection Vulnerability

CVE ID : CVE-2025-32997
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-3470 - WordPress TS Poll SQL Injection Vulnerability

CVE ID : CVE-2025-3470
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-3612 - Demtec Graphytics Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3612
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : A vulnerability, which was classified as problematic, was found in Demtec Graphytics 5.0.7. This affects an unknown part of the file /visualization of the component HTTP GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-3613 - Demtec Graphytics Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3613
Published : April 15, 2025, 3:15 a.m. | 9 hours ago
Description : A vulnerability has been found in Demtec Graphytics 5.0.7 and classified as problematic. This vulnerability affects unknown code of the file /visualization. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 03:15:00 GMT

read more

CVE-2025-24797 - Meshtastic Protocol Buffer Overflow Vulnerability

CVE ID : CVE-2025-24797
Published : April 15, 2025, 12:15 a.m. | 6 hours ago
Description : Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 00:15:00 GMT

read more

CVE-2025-31491 - "AutoGPT Cross-Domain Cookie and Header Leakage Vulnerability"

CVE ID : CVE-2025-31491
Published : April 15, 2025, 12:15 a.m. | 6 hours ago
Description : AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows of leakage of cross-domain cookies and protected headers in requests redirect. AutoGPT uses a wrapper around the requests python library, located in autogpt_platform/backend/backend/util/request.py. In this wrapper, redirects are specifically NOT followed for the first request. If the wrapper is used with allow_redirects set to True (which is the default), any redirect is not followed by the initial request, but rather re-requested by the wrapper using the new location. However, there is a fundamental flaw in manually re-requesting the new location: it does not account for security-sensitive headers which should not be sent cross-origin, such as the Authorization and Proxy-Authorization header, and cookies. For example in autogpt_platform/backend/backend/blocks/github/_api.py, an Authorization header is set when retrieving data from the GitHub API. However, if GitHub suffers from an open redirect vulnerability (such as the made-up example of https://api.github.com/repos/{owner}/{repo}/issues/comments/{comment_id}/../../../../../redirect/?url=https://joshua.hu/), and the script can be coerced into visiting it with the Authorization header, the GitHub credentials in the Authorization header will be leaked. This allows leaking auth headers and private cookies. This vulnerability is fixed in 0.6.1.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 00:15:00 GMT

read more

CVE-2025-31494 - AutoGPT WebSocket API Graph ID Spoofing Vulnerability

CVE ID : CVE-2025-31494
Published : April 15, 2025, 12:15 a.m. | 6 hours ago
Description : AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graph_id+graph_version. Additionally, there was no check prohibiting users from subscribing with another user's graph_id+graph_version. As a result, node execution updates from one user's graph execution could be received by another user within the same instance. This vulnerability does not occur between different instances or between users and non-users of the platform. Single-user instances are not affected. In private instances with a user white-list, the impact is limited by the fact that all potential unintended recipients of these node execution updates must have been admitted by the administrator. This vulnerability is fixed in 0.6.1.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 15 Apr 2025 00:15:00 GMT

read more

Fuite de données chez Hertz

nom, coordonnées, date de naissance, permis de conduire, carte de crédit, passeport

Tue Apr 15 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Afflelou

nom, prénom, date de naissance, adresse postale, adresse email, numéro de téléphone, informations commerciales

Tue Apr 15 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-31490 - AutoGPT SSRF via DNS Rebinding

CVE ID : CVE-2025-31490
Published : April 14, 2025, 11:15 p.m. | 7 hours ago
Description : AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wrapper around Python's requests library, hardening the application against SSRF. The code for this wrapper can be found in autogpt_platform/backend/backend/util/request.py. The requested hostname of a URL which is being requested is validated, ensuring that it does not resolve to any local ipv4 or ipv6 addresses. However, this check is not sufficient, as a DNS server may initially respond with a non-blocked address, with a TTL of 0. This means that the initial resolution would appear as a non-blocked address. In this case, validate_url() will return the url as successful. After validate_url() has successfully returned the url, the url is then passed to the real request() function. When the real request() function is called with the validated url, request() will once again resolve the address of the hostname, because the record will not have been cached (due to TTL 0). This resolution may be in the "invalid range". This type of attack is called a "DNS Rebinding Attack". This vulnerability is fixed in 0.6.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 23:15:00 GMT

read more

CVE-2025-3593 - ZHENFENG13 My-Blog-layui Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-3593
Published : April 14, 2025, 11:15 p.m. | 7 hours ago
Description : A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been declared as critical. This vulnerability affects the function Upload of the file /admin/upload/authorImg/. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 23:15:00 GMT

read more

CVE-2025-3592 - ZHENFENG13 My-Blog-layui Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3592
Published : April 14, 2025, 10:15 p.m. | 8 hours ago
Description : A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/v1/link/edit. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 22:15:00 GMT

read more

CVE-2025-3590 - Adianti Framework Remote Deserialization Vulnerability

CVE ID : CVE-2025-3590
Published : April 14, 2025, 10:15 p.m. | 6 hours ago
Description : A vulnerability has been found in Adianti Framework up to 8.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.1 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 22:15:00 GMT

read more

CVE-2025-3591 - ZHENFENG13/My-Blog-layui Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3591
Published : April 14, 2025, 10:15 p.m. | 6 hours ago
Description : A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/v1/blog/edit. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 22:15:00 GMT

read more

CVE-2022-43840 - IBM Aspera Console XPath Injection Vulnerability

CVE ID : CVE-2022-43840
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2022-43847 - IBM Aspera Console HTTP Header Injection Vulnerability

CVE ID : CVE-2022-43847
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2022-43850 - IBM Aspera Console Cross-Site Scripting Vulnerability

CVE ID : CVE-2022-43850
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2022-43851 - IBM Aspera Console Cryptographic Weakness

CVE ID : CVE-2022-43851
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2022-43852 - IBM Aspera Console Information Disclosure

CVE ID : CVE-2022-43852
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 could disclose sensitive information in HTTP headers that could be used in further attacks against the system.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2023-27272 - IBM Aspera Console Password Reuse Vulnerability

CVE ID : CVE-2023-27272
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2025-3588 - "JSONschema2pojo JSON File Handler Stack-Based Buffer Overflow"

CVE ID : CVE-2025-3588
Published : April 14, 2025, 9:15 p.m. | 5 hours ago
Description : A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 21:15:00 GMT

read more

CVE-2025-3587 - ZeroWdd/Code-Projects StudentManager Remote Authorization Bypass

CVE ID : CVE-2025-3587
Published : April 14, 2025, 8:15 p.m. | 6 hours ago
Description : A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 20:15:00 GMT

read more

CVE-2025-1782 - HylaFAX Enterprise Web Interface and AvantFAX File Inclusion Vulnerability

CVE ID : CVE-2025-1782
Published : April 14, 2025, 7:15 p.m. | 7 hours ago
Description : In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated with a valid user account.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 19:15:00 GMT

read more

CVE-2025-3585 - Westboy CicadasCMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-3585
Published : April 14, 2025, 6:15 p.m. | 8 hours ago
Description : A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 18:15:00 GMT

read more

CVE-2025-29720 - Dify SSRF

CVE ID : CVE-2025-29720
Published : April 14, 2025, 5:15 p.m. | 9 hours ago
Description : Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 17:15:00 GMT

read more

CVE-2025-3277 - SQLite Heap Buffer Overflow

CVE ID : CVE-2025-3277
Published : April 14, 2025, 5:15 p.m. | 9 hours ago
Description : An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 17:15:00 GMT

read more

CVE-2025-22373 - SicommNet BASEC Web Page Generation Vulnerability (Cross-site Scripting)

CVE ID : CVE-2025-22373
Published : April 14, 2025, 4:15 p.m. | 10 hours ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SicommNet BASEC on SaaS allows Reflected XSS, XSS Through HTTP Query Strings, Rendering of Arbitrary HTML and alternation of CSS Styles This issue affects BASEC: from 14 Dec 2021.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 16:15:00 GMT

read more

CVE-2025-2572 - WhatsUp Gold Database Manipulation Vulnerability

CVE ID : CVE-2025-2572
Published : April 14, 2025, 4:15 p.m. | 10 hours ago
Description : In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 16:15:00 GMT

read more

CVE-2025-32931 - DevDojo Voyager Command Injection Vulnerability

CVE ID : CVE-2025-32931
Published : April 14, 2025, 4:15 p.m. | 10 hours ago
Description : DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is used, allows authenticated administrators to execute arbitrary OS commands via a specific php artisan command.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 16:15:00 GMT

read more

CVE-2025-3543 - H3C Magic NX Series HTTP POST Request Handler Command Injection Vulnerability

CVE ID : CVE-2025-3543
Published : April 14, 2025, 1:15 a.m. | 7 hours ago
Description : A vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014 and classified as critical. This vulnerability affects the function FCGI_WizardProtoProcess of the file /api/wizard/setsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command injection. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 01:15:00 GMT

read more

CVE-2025-3544 - H3C Magic NX15/30 Pro/400/BE18000 HTTP POST Request Handler Command Injection

CVE ID : CVE-2025-3544
Published : April 14, 2025, 1:15 a.m. | 7 hours ago
Description : A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getCapabilityWeb of the component HTTP POST Request Handler. The manipulation leads to command injection. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 01:15:00 GMT

read more

CVE-2025-3542 - H3C Magic NX15, Magic NX400 and Magic R3010 Command Injection Vulnerability

CVE ID : CVE-2025-3542
Published : April 14, 2025, 12:15 a.m. | 8 hours ago
Description : A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGI_WizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 14 Apr 2025 00:15:00 GMT

read more

CVE-2025-3540 - H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 Command Injection Vulnerability

CVE ID : CVE-2025-3540
Published : April 13, 2025, 11:15 p.m. | 9 hours ago
Description : A vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this vulnerability is the function FCGI_WizardProtoProcess of the file /api/wizard/getCapability of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 23:15:00 GMT

read more

CVE-2025-3541 - H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 Command Injection Vulnerability

CVE ID : CVE-2025-3541
Published : April 13, 2025, 11:15 p.m. | 9 hours ago
Description : A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGI_WizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 23:15:00 GMT

read more

CVE-2025-3445 - Apache Archiver Path Traversal Zip Slip Vulnerability

CVE ID : CVE-2025-3445
Published : April 13, 2025, 10:15 p.m. | 10 hours ago
Description : A Path Traversal "Zip Slip" vulnerability has been identified in mholt/archiver in Go. This vulnerability allows using a crafted ZIP file containing path traversal symlinks to create or overwrite files with the user's privileges or application utilizing the library. When using the archiver.Unarchive functionality with ZIP files, like this: archiver.Unarchive(zipFile, outputDir),  A crafted ZIP file can be extracted in such a way that it writes files to the affected system with the same privileges as the application executing this vulnerable functionality. Consequently, sensitive files may be overwritten, potentially leading to privilege escalation, code execution, and other severe outcomes in some cases. It's worth noting that a similar vulnerability was found in TAR files (CVE-2024-0406). Although a fix was implemented, it hasn't been officially released, and the affected project has since been deprecated. The successor to mholt/archiver is a new project called mholt/archives, and its initial release (v0.1.0) removes the Unarchive() functionality.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 22:15:00 GMT

read more

CVE-2025-3539 - H3C Magic NX Series HCF CGI Command Injection Vulnerability

CVE ID : CVE-2025-3539
Published : April 13, 2025, 10:15 p.m. | 10 hours ago
Description : A vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getBasicInfo of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 22:15:00 GMT

read more

CVE-2025-3538 - D-Link jhttpd Auth Asp Stack-Based Buffer Overflow

CVE ID : CVE-2025-3538
Published : April 13, 2025, 7:15 p.m. | 13 hours ago
Description : A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 19:15:00 GMT

read more

CVE-2024-56406 - Perl Heap Buffer Overflow Vulnerability

CVE ID : CVE-2024-56406
Published : April 13, 2025, 2:15 p.m. | 18 hours ago
Description : A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 14:15:00 GMT

read more

CVE-2025-3423 - IBM Aspera Faspex Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3423
Published : April 13, 2025, 12:15 p.m. | 17 hours, 54 minutes ago
Description : IBM Aspera Faspex 5.0.0 through 5.0.11 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 12:15:00 GMT

read more

CVE-2025-3536 - Tutorials-Website Employee Management System Remote File Inclusion Vulnerability

CVE ID : CVE-2025-3536
Published : April 13, 2025, 12:15 p.m. | 17 hours, 54 minutes ago
Description : A vulnerability was found in Tutorials-Website Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete-user.php. The manipulation of the argument ID leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 12:15:00 GMT

read more

CVE-2025-3537 - Tutorials-Website Employee Management System Remote Unauthorized File Access Vulnerability

CVE ID : CVE-2025-3537
Published : April 13, 2025, 12:15 p.m. | 17 hours, 54 minutes ago
Description : A vulnerability was found in Tutorials-Website Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/update-user.php. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 12:15:00 GMT

read more

CVE-2025-3534 - PowerCreator CMS SQL Injection Vulnerability

CVE ID : CVE-2025-3534
Published : April 13, 2025, 11:15 a.m. | 18 hours, 54 minutes ago
Description : A vulnerability, which was classified as critical, was found in PowerCreator CMS 1.0. Affected is an unknown function of the file /OpenPublicCourse.aspx. The manipulation of the argument cid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 11:15:00 GMT

read more

CVE-2025-3535 - Shuanx BurpAPIFinder Denial of Service Vulnerability

CVE ID : CVE-2025-3535
Published : April 13, 2025, 11:15 a.m. | 18 hours, 54 minutes ago
Description : A vulnerability has been found in shuanx BurpAPIFinder up to 2.0.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file BurpApiFinder.db. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 11:15:00 GMT

read more

CVE-2025-3533 - YouDianCMS Cross Site Scripting Vulnerability

CVE ID : CVE-2025-3533
Published : April 13, 2025, 10:15 a.m. | 19 hours, 54 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in YouDianCMS 9.5.21. This issue affects some unknown processing of the file /App/Tpl/Admin/Default/Channel/index.html.Attackers. The manipulation of the argument Parent leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 10:15:00 GMT

read more

CVE-2025-3531 - YouDianCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3531
Published : April 13, 2025, 6:15 a.m. | 23 hours, 54 minutes ago
Description : A vulnerability classified as problematic has been found in YouDianCMS 9.5.21. This affects an unknown part of the file /App/Tpl/Admin/Default/Log/index.html. The manipulation of the argument UserName/LogType leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 06:15:00 GMT

read more

CVE-2025-3532 - YouDianCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3532
Published : April 13, 2025, 6:15 a.m. | 23 hours, 54 minutes ago
Description : A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the file /App/Tpl/Member/Default/Order/index.html.Attackers. The manipulation of the argument OrderNumber leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 06:15:00 GMT

read more

CVE-2025-2814 - "Verisign Crypt::CBC Insecure Random Number Generation Vulnerability"

CVE ID : CVE-2025-2814
Published : April 13, 2025, 12:15 a.m. | 1 day, 2 hours ago
Description : Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable.  In that case, Crypt::CBC will fallback to use the insecure rand() function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 13 Apr 2025 00:15:00 GMT

read more

CVE-2025-1455 - WordPress Royal Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1455
Published : April 12, 2025, 9:15 a.m. | 1 day, 17 hours ago
Description : The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Woo Grid widget in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 09:15:00 GMT

read more

CVE-2025-1456 - Elementor Royal Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1456
Published : April 12, 2025, 9:15 a.m. | 1 day, 17 hours ago
Description : The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `widgetGrid`, `widgetCountDown`, and `widgetInstagramFeed` methods in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 09:15:00 GMT

read more

CVE-2024-13338 - Clearfy Cache - WordPress CSRF

CVE ID : CVE-2024-13338
Published : April 12, 2025, 7:15 a.m. | 1 day, 18 hours ago
Description : The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfy_cache_delete functionality . This makes it possible for unauthenticated attackers to clear the cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2025-3276 - SKT Blocks - WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3276
Published : April 12, 2025, 7:15 a.m. | 1 day, 18 hours ago
Description : The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Carousel block in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2025-3282 - WordPress User Registration Membership Insecure Direct Object Reference

CVE ID : CVE-2025-3282
Published : April 12, 2025, 7:15 a.m. | 1 day, 18 hours ago
Description : The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation on the 'membership_id' user controlled key. This makes it possible for unauthenticated attackers to update any user's membership to any other active or non-active membership type.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2025-3292 - WordPress User Registration Membership Insecure Direct Object Reference (IDOR)

CVE ID : CVE-2025-3292
Published : April 12, 2025, 7:15 a.m. | 1 day, 18 hours ago
Description : The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_update_profile_details() due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to update other user's passwords, if they have access to the user ID and email.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2025-3418 - WordPress WPC Admin Columns Privilege Escalation Vulnerability

CVE ID : CVE-2025-3418
Published : April 12, 2025, 7:15 a.m. | 1 day, 18 hours ago
Description : The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated through the ajax_edit_save() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2024-13337 - Clearfy Cache – WordPress optimization plugin Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2024-13337
Published : April 12, 2025, 7:15 a.m. | 20 hours, 57 minutes ago
Description : The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcr_clearfy' page. This makes it possible for unauthenticated attackers to update the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 07:15:00 GMT

read more

CVE-2025-2871 - "QuadMenu Cross-Site Request Forgery (CSRF) Vulnerability"

CVE ID : CVE-2025-2871
Published : April 12, 2025, 4:15 a.m. | 1 day, 19 hours ago
Description : The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajax_dismiss_notice() function. This makes it possible for unauthenticated attackers to update any user meta to a value of one, including wp_capabilities which could result in a privilege deescalation of an administrator, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 04:15:00 GMT

read more

CVE-2025-2881 - "WordPress Developer Toolbar Sensitive Information Exposure"

CVE ID : CVE-2025-2881
Published : April 12, 2025, 3:15 a.m. | 1 day, 21 hours ago
Description : The Developer Toolbar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.3 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 03:15:00 GMT

read more

CVE-2025-2841 - Cart66 Cloud WordPress Sensitive Information Exposure Vulnerability

CVE ID : CVE-2025-2841
Published : April 12, 2025, 3:15 a.m. | 1 day, 10 hours ago
Description : The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 03:15:00 GMT

read more

CVE-2025-29803 - Microsoft SQL Server Management Studio Path Traversal Privilege Escalation

CVE ID : CVE-2025-29803
Published : April 12, 2025, 2:15 a.m. | 1 day, 11 hours ago
Description : Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 02:15:00 GMT

read more

CVE-2025-29834 - Microsoft Edge (Chromium-based) Out-of-bounds Read Code Execution

CVE ID : CVE-2025-29834
Published : April 12, 2025, 2:15 a.m. | 1 day, 11 hours ago
Description : Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 02:15:00 GMT

read more

CVE-2025-32726 - Visual Studio Code Privilege Escalation Vulnerability

CVE ID : CVE-2025-32726
Published : April 12, 2025, 2:15 a.m. | 1 day, 11 hours ago
Description : Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 02:15:00 GMT

read more

CVE-2025-2269 - 10Web Photo Gallery by 10Web Reflected Cross-Site Scripting

CVE ID : CVE-2025-2269
Published : April 12, 2025, 12:15 a.m. | 1 day, 13 hours ago
Description : The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘image_id’ parameter in all versions up to, and including, 1.8.34 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 12 Apr 2025 00:15:00 GMT

read more

CVE-2025-0129 - Prisma Access Browser: Cross-Site Scripting (XSS)

CVE ID : CVE-2025-0129
Published : April 11, 2025, 11:15 p.m. | 1 day, 14 hours ago
Description : Prisma Access Browser: Inappropriate control behavior in Prisma Access Browser
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 23:15:00 GMT

read more

CVE-2024-11679 - IBM System x Server Memory Information Disclosure Vulnerability

CVE ID : CVE-2024-11679
Published : April 11, 2025, 7:15 p.m. | 1 day, 17 hours ago
Description : An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 19:15:00 GMT

read more

CVE-2025-0119 - Palo Alto Networks Cortex XDR Broker VM Command Injection Vulnerability

CVE ID : CVE-2025-0119
Published : April 11, 2025, 6:15 p.m. | 1 day, 18 hours ago
Description : A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 18:15:00 GMT

read more

CVE-2025-0123 - Palo Alto Networks PAN-OS Unauthorized Access to Decrypted Packet Captures

CVE ID : CVE-2025-0123
Published : April 11, 2025, 6:15 p.m. | 1 day, 18 hours ago
Description : A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/2 data streams traversing network interfaces on the firewall. HTTP/1.1 data streams are not impacted. In normal conditions, decrypted packet captures are available to firewall administrators after they obtain and install a free Decryption Port Mirror license. The license requirement ensures that this feature can only be used after approved personnel purposefully activate the license. For more information, review how to configure decryption port mirroring https://docs.paloaltonetworks.com/network-security/decryption/administration/monitoring-decryption/configure-decryption-port-mirroring . The administrator must obtain network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. Risk of this issue can be greatly reduced by restricting access to the management interface to only trusted administrators and from only internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Customer firewall administrators do not have access to the packet capture feature in Cloud NGFW. This feature is available only to authorized Palo Alto Networks personnel permitted to perform troubleshooting. Prisma® Access is not impacted by this vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 18:15:00 GMT

read more

CVE-2025-32079 - Wikimedia Mediawiki GrowthExperiments HTTP Denial of Service (DoS)

CVE ID : CVE-2025-32079
Published : April 11, 2025, 5:15 p.m. | 1 day, 16 hours ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments allows HTTP DoS.This issue affects Mediawiki - GrowthExperiments: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32080 - Wikimedia Foundation Mediawiki Mobile Frontend Extension Information Exposure Vulnerability

CVE ID : CVE-2025-32080
Published : April 11, 2025, 5:15 p.m. | 1 day, 16 hours ago
Description : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - Mobile Frontend Extension allows Shared Resource Manipulation.This issue affects Mediawiki - Mobile Frontend Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32367 - Oz Forensics Face Recognition IDOR

CVE ID : CVE-2025-32367
Published : April 11, 2025, 5:15 p.m. | 1 day, 16 hours ago
Description : The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32077 - WikiMedia SimpleCalendar XSS

CVE ID : CVE-2025-32077
Published : April 11, 2025, 5:15 p.m. | 1 day, 12 hours ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Extension:SimpleCalendar allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Extension:SimpleCalendar: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32078 - Wikimedia Mediawiki Version Compare Extension XSS

CVE ID : CVE-2025-32078
Published : April 11, 2025, 5:15 p.m. | 1 day, 12 hours ago
Description : Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Version Compare Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Version Compare Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32076 - Wikimedia Mediawiki Visual Data Extension HTTP DoS Vulnerability

CVE ID : CVE-2025-32076
Published : April 11, 2025, 5:15 p.m. | 18 hours, 52 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Visual Data Extension allows HTTP DoS.This issue affects Mediawiki - Visual Data Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32067 - Wikimedia Mediawiki Growth Experiments XSS

CVE ID : CVE-2025-32067
Published : April 11, 2025, 5:15 p.m. | 14 hours, 52 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32068 - Wikimedia Foundation Mediawiki OAuth Extension Authorization Bypass

CVE ID : CVE-2025-32068
Published : April 11, 2025, 5:15 p.m. | 14 hours, 52 minutes ago
Description : Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension allows Authentication Bypass.This issue affects Mediawiki - OAuth Extension: from 1.39 through 1.43.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32069 - "Wikimedia Mediawiki Wikibase Media Info Extension Cross-Site Scripting (XSS)"

CVE ID : CVE-2025-32069
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Media Info Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Wikibase Media Info Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32070 - Wikimedia Mediawiki AJAX Poll Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-32070
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - AJAX Poll Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - AJAX Poll Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32071 - Wikimedia Mediawiki Wikidata Extension Cross-Site Scripting (XSS)

CVE ID : CVE-2025-32071
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Wikidata Extension allows Cross-Site Scripting (XSS) from widthheight message via ImageHandler::getDimensionsString()This issue affects Mediawiki - Wikidata Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32072 - Wikimedia Mediawiki Core Feed Utils XML External Entity (XXE) Injection

CVE ID : CVE-2025-32072
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32073 - Wikimedia Mediawiki HTML Tags Cross-Site Scripting (XSS)

CVE ID : CVE-2025-32073
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - HTML Tags allows Cross-Site Scripting (XSS).This issue affects Mediawiki - HTML Tags: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32074 - Wikimedia Mediawiki Confirm Account Extension XSS

CVE ID : CVE-2025-32074
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-32075 - WikiMedia Foundation Mediawiki Tabs Extension Code Injection Vulnerability

CVE ID : CVE-2025-32075
Published : April 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago
Description : Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Tabs Extension allows Code Injection.This issue affects Mediawiki - Tabs Extension: from 1.39 through 1.43.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 17:15:00 GMT

read more

CVE-2025-31354 - Subnet Solutions PowerSYSTEM Center ECDSA Signature Validation Vulnerability

CVE ID : CVE-2025-31354
Published : April 11, 2025, 4:15 p.m. | 10 hours, 13 minutes ago
Description : Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 16:15:00 GMT

read more

CVE-2025-31935 - Subnet Solutions PowerSYSTEM Center Denial of Service (DoS)

CVE ID : CVE-2025-31935
Published : April 11, 2025, 4:15 p.m. | 10 hours, 13 minutes ago
Description : Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the API may trigger an exception, resulting in a denial-of-service condition.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 16:15:00 GMT

read more

CVE-2023-42981 - Apple macOS File Processing Denial-of-Service and Information Disclosure Vulnerability

CVE ID : CVE-2023-42981
Published : April 11, 2025, 3:15 p.m. | 11 hours, 13 minutes ago
Description : Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 15:15:00 GMT

read more

CVE-2023-42982 - Apple macOS File Processing Denial-of-Service/Memory Disclosure

CVE ID : CVE-2023-42982
Published : April 11, 2025, 3:15 p.m. | 11 hours, 13 minutes ago
Description : Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 15:15:00 GMT

read more

CVE-2023-42983 - Apple macOS File Processing Denial-of-Service/Memory Disclosure Vulnerability

CVE ID : CVE-2023-42983
Published : April 11, 2025, 3:15 p.m. | 11 hours, 13 minutes ago
Description : Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 11 Apr 2025 15:15:00 GMT

read more

Fuite de données chez Harvest

gestion de patrimoine

Fri Apr 11 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2024-10894 - Paystack WordPress Payment Forms Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-10894
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'datepicker', 'textarea', and 'text' in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2024-13874 - Feedify WordPress Plugin Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-13874
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2024-13896 - WordPress WP-GeSHi-Highlight Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2024-13896
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wp_geshi_filter_replace_code() function, which could lead to Regular Expression Denial of Service (ReDoS) issue
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2024-13909 - "Accredible Certificates Open Badges WordPress SQL Injection"

CVE ID : CVE-2024-13909
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2025-2719 - Swatchly – WooCommerce Variation Swatches Privilege Escalation Vulnerability

CVE ID : CVE-2025-2719
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in versions 1.2.8 to 1.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2025-2805 - WordPress ORDER POST Arbitrary Shortcode Execution Vulnerability

CVE ID : CVE-2025-2805
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2025-2809 - Azurecurve Shortcodes in Comments Plugin Arbitrary Shortcode Execution Vulnerability

CVE ID : CVE-2025-2809
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2025-3417 - WordPress Embedder Privilege Escalation Vulnerability

CVE ID : CVE-2025-3417
Published : April 10, 2025, 7:15 a.m. | 1 hour, 4 minutes ago
Description : The Embedder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_set_global_option() function in versions 1.3 to 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 07:15:00 GMT

read more

CVE-2025-0539 - Microsoft Octopus Deploy Server-Side Request Forgery (SSRF)

CVE ID : CVE-2025-0539
Published : April 10, 2025, 6:15 a.m. | 2 hours, 4 minutes ago
Description : In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 06:15:00 GMT

read more

CVE-2025-3102 - WordPress SureTriggers Plugin Authentication Bypass Vulnerability

CVE ID : CVE-2025-3102
Published : April 10, 2025, 5:15 a.m. | 3 hours, 4 minutes ago
Description : The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 05:15:00 GMT

read more

CVE-2025-3489 - Nababur Simple-User-Management-System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3489
Published : April 10, 2025, 4:15 a.m. | 4 hours, 4 minutes ago
Description : A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 04:15:00 GMT

read more

CVE-2024-58136 - Yii 2 Behavior Array Key Attachment Vulnerability

CVE ID : CVE-2024-58136
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-22471 - Dell PowerScale OneFS Integer Overflow Denial of Service

CVE ID : CVE-2025-22471
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-23378 - Dell PowerScale OneFS Directory Listing Information Exposure

CVE ID : CVE-2025-23378
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-26330 - Dell PowerScale OneFS Local Privilege Escalation Authorization Bypass

CVE ID : CVE-2025-26330
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-26479 - Dell PowerScale OneFS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-26479
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-26480 - Dell PowerScale OneFS Denial of Service Vulnerability

CVE ID : CVE-2025-26480
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-27690 - Dell PowerScale OneFS Default Password Vulnerability (Remote Authentication Bypass)

CVE ID : CVE-2025-27690
Published : April 10, 2025, 3:15 a.m. | 5 hours, 5 minutes ago
Description : Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 03:15:00 GMT

read more

CVE-2025-29989 - Dell Client Platform BIOS Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-29989
Published : April 9, 2025, 9:16 p.m. | 9 hours, 3 minutes ago
Description : Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Thu, 10 Apr 2025 02:15:00 GMT

read more

CVE-2025-30653 - Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (rpd) Expired Pointer Dereference Denial of Service (DoS)

CVE ID : CVE-2025-30653
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition. This issue affects: Junos OS: * All versions before 22.2R3-S4, * 22.4 versions before 22.4R3-S2, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2. Junos OS Evolved: * All versions before 22.2R3-S4-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R2-EVO.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30654 - Juniper Networks Junos OS and Junos OS Evolved Sensitive Information Disclosure

CVE ID : CVE-2025-30654
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated attacker with access to the CLI to access sensitive information.  Through the execution of a specific show mgd command, a user with limited permissions (e.g., a low-privileged login class user) can access sensitive information such as hashed passwords, that can be used to further impact the system. This issue affects Junos OS:  * All versions before 21.4R3-S10, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S5,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S3. Junos OS Evolved:  * All versions before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO,  * from 22.4-EVO before 22.4R3-S5-EVO,  * from 23.2-EVO before 23.2R2-S3-EVO,  * from 23.4-EVO before 23.4R2-S3-EVO.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30655 - Juniper Networks Junos OS/Junos OS Evolved BGP RPD Denial-of-Service

CVE ID : CVE-2025-30655
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.  The device is only affected if BGP RIB sharding and update-threading is enabled. This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S8, * from 22.2 before 22.2R3-S6,  * from 22.4 before 22.4R3-S2,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2. and Junos OS Evolved:  * All versions before 21.2R3-S9-EVO,  * from 21.4-EVO before 21.4R3-S8-EVO,  * from 22.2-EVO before 22.2R3-S6-EVO,  * from 22.4-EVO before 22.4R3-S2-EVO,  * from 23.2-EVO before 23.2R2-S3-EVO,  * from 23.4-EVO before 23.4R2-EVO.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30656 - Juniper Junos OS Packet Forwarding Engine Denial-of-Service Memory Corruption

CVE ID : CVE-2025-30656
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets. Although the system will automatically recover with the restart of the FPC, subsequent SIP invites will cause the crash again and lead to a sustained DoS. This issue affects Junos OS on MX Series and SRX Series:  * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R1-S2, 24.2R2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30657 - Juniper Networks Junos OS Denial of Service Vulnerability

CVE ID : CVE-2025-30657
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R1-S2, 23.2R2. This issue does not affected Junos OS Evolved.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30658 - Juniper Networks Junos OS SRX Series Anti-Virus Memory Leak Denial-of-Service Vulnerability

CVE ID : CVE-2025-30658
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released. When these jbufs are exhausted, the device stops forwarding all transit traffic. A jbuf memory leak can be noticed from the following logs: (.) Warning: jbuf pool id <#> utilization level (%) is above %! To recover from this issue, the affected device needs to be manually rebooted to free the leaked jbufs. This issue affects Junos OS on SRX Series:  * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30659 - Juniper Networks Junos OS SRX Series Denial-of-Service (DoS) Vulnerability

CVE ID : CVE-2025-30659
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This issue does not affect versions before 21.4.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30660 - Juniper Networks Junos OS GRE Traffic Denial-of-Service Vulnerability

CVE ID : CVE-2025-30660
Published : April 9, 2025, 8:15 p.m. | 10 hours, 4 minutes ago
Description : An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. When this issue occurs the following logs can be observed: MQSS(0): LI-3: Received a parcel with more than 512B accompanying data CHASSISD_FPC_ASIC_ERROR: ASIC Error detected <...> This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S8, * 22.2 versions before 22.2R3-S4, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S2, * 23.4 versions before 23.4R2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-2632 - NI LabVIEW CPU Info Disclosure and Code Execution

CVE ID : CVE-2025-2632
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30644 - Juniper Networks Junos OS Flexible PIC Concentrator Remote Code Execution and Denial of Service Vulnerability

CVE ID : CVE-2025-30644
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series allows an attacker to send a specific DHCP packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Under a rare timing scenario outside the attacker's control, memory corruption may be observed when DHCP Option 82 is enabled, leading to an FPC crash and affecting packet forwarding. Due to the nature of the heap-based overflow, exploitation of this vulnerability could also lead to remote code execution within the FPC, resulting in complete control of the vulnerable component. This issue affects Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series: * All versions before 21.4R3-S9,  * from 22.2 before 22.2R3-S5,  * from 22.4 before 22.4R3-S5,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S3,  * from 24.2 before 24.2R2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30645 - Juniper Networks Junos OS SRX Series NULL Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-30645
Published : April 9, 2025, 8:15 p.m. | 6 hours, 43 minutes ago
Description : A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS).  Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition. On all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a segmentation fault occurs within the flowd process, resulting in a network outage until the flowd process restarts. This issue affects Junos OS on SRX Series: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30646 - Juniper Networks Junos OS and Junos OS Evolved LLDP Signed to Unsigned Conversion Error Denial of Service

CVE ID : CVE-2025-30646
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS).  Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. When an LLDP telemetry subscription is active, receipt of a specifically malformed LLDP TLV causes the l2cpd process to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10,  * from 22.2 before 22.2R3-S6,  * from 22.4 before 22.4R3-S6,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S4,  * from 24.2 before 24.2R2;  Junos OS Evolved:  * All versions before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO,  * from 22.4-EVO before 22.4R3-S6-EVO,  * from 23.2-EVO before 23.2R2-S3-EVO,  * from 23.4-EVO before 23.4R2-S4-EVO,  * from 24.2-EVO before 24.2R2-EVO.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30647 - Juniper Networks Junos OS MX Series Memory Leak DoS Vulnerability

CVE ID : CVE-2025-30647
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario, login/logout activity triggers a memory leak, and the leaked memory gradually increments and eventually results in a crash.                 user@host> show chassis fpc                                        Temp    CPU Utilization (%)   CPU Utilization (%)   Memory     Utilization (%)                       Slot State       (C)     Total   Interrupt     1min   5min  15min    DRAM (MB)  Heap   Buffer                       2 Online         36       10         0          9     8     9        32768      26         0                                                                                                       This issue affects Junos OS on MX Series: * All versions before 21.2R3-S9 * from 21.4 before 21.4R3-S10 * from 22.2 before 22.2R3-S6 * from 22.4 before 22.4R3-S5 * from 23.2 before 23.2R2-S3 * from 23.4 before 23.4R2-S3 * from 24.2 before 24.2R2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30648 - Juniper Junos OS Juniper DHCP Daemon Denial of Service

CVE ID : CVE-2025-30648
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). When a specifically malformed DHCP packet is received from a DHCP client, the jdhcpd process crashes, which will lead to the unavailability of the DHCP service and thereby resulting in a sustained DoS. The DHCP process will restart automatically to recover the service. This issue will occur when dhcp-security is enabled.  This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10,  * from 22.2 before 22.2R3-S6,  * from 22.4 before 22.4R3-S6,  * from 23.2 before 23.2R2-S3,  * from 23.4 before 23.4R2-S4,  * from 24.2 before 24.2R2;  Junos OS Evolved:  * from 22.4 before 22.4R3-S6-EVO,  * from 23.2 before 23.2R2-S3-EVO,  * from 23.4 before 23.4R2-S4-EVO,  * from 24.2 before 24.2R2-EVO. .
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30649 - "Juniper Networks Junos OS syslog stream TCP transport Improper Input Validation allows CPU Denial of Service"

CVE ID : CVE-2025-30649
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs. Continued receipt and processing of these specific packets will sustain the DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R1-S2, 24.2R2 An indicator of compromise will indicate the SPC3 SPUs utilization has spiked. For example:     user@device> show services service-sets summary Service sets CPU Interface configured Bytes used Session bytes used Policy bytes used utilization "interface" 1 "bytes" (percent%) "sessions" ("percent"%) "bytes" ("percent"%) 99.97 % OVLD <<<<<< look for high CPU usage
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30651 - Juniper Networks Junos OS and Junos OS Evolved Router Advertisement Protocol Buffer Access Denial of Service Vulnerability

CVE ID : CVE-2025-30651
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a specific ICMPv6 packet to an interface with "protocols router-advertisement" configured, rpd crashes and restarts. Continued receipt of this packet will cause a sustained DoS condition.  This issue only affects systems configured with IPv6. This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S2, * from 23.4 before 23.4R2; and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S4-EVO, * from 23.2-EVO before 23.2R2-S2-EVO, * from 23.4-EVO before 23.4R2-EVO.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-30652 - Juniper Networks Junos OS and Junos OS Evolved Denial of Service Vulnerability in Routing Protocol Daemon (rpd)

CVE ID : CVE-2025-30652
Published : April 9, 2025, 8:15 p.m. | 8 hours, 3 minutes ago
Description : An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS). When asregex-optimized is configured and a specific "show route as-path" CLI command is executed, the rpd crashes and restarts. Repeated execution of this command will cause a sustained DoS condition. This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2. and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S6-EVO, * from 23.2-EVO before 23.2R2-S3-EVO, * from 23.4-EVO before 23.4R2-S4-EVO, * from 24.2-EVO before 24.2R2-EVO.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 09 Apr 2025 20:15:00 GMT

read more

CVE-2025-2519 - Sreamit WordPress Arbitrary File Download Vulnerability

CVE ID : CVE-2025-2519
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download arbitrary files.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-2525 - Streamit for WordPress Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-2525
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' function in all versions up to, and including, 4.0.1. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-2526 - Streamit Theme for WordPress Privilege Escalation via Account Takeover

CVE ID : CVE-2025-2526
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like email in the 'st_Authentication_Controller::edit_profile' function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3361 - HGiga iSherlock OS Command Injection Vulnerability

CVE ID : CVE-2025-3361
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3362 - HGiga iSherlock OS Command Injection Vulnerability

CVE ID : CVE-2025-3362
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3363 - HGiga iSherlock OS Command Injection

CVE ID : CVE-2025-3363
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3392 - "Hailey888 OA System Backend MailController Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3392
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability was found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3393 - MRCEN Springboot-Ucan-Admin Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3393
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability was found in mrcen springboot-ucan-admin up to 5f35162032cbe9288a04e429ef35301545143509. It has been classified as problematic. This affects an unknown part of the file /ucan-admin/index of the component Personal Settings Interface. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3397 - YzmCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3397
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability classified as problematic has been found in YzmCMS 7.1. Affected is an unknown function of the file message.tpl. The manipulation of the argument gourl leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3398 - Lenve VBlog Remote Web Security Config File Improper Access Controls Vulnerability

CVE ID : CVE-2025-3398
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3399 - ESAFENET CDG SQL Injection Vulnerability

CVE ID : CVE-2025-3399
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5.6.3.154.205_20250114. Affected by this issue is some unknown functionality of the file /pubinfo/updateNotice.jsp. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3400 - ESAfENET CDG SQL Injection Vulnerability

CVE ID : CVE-2025-3400
Published : April 8, 2025, 2:15 a.m. | 1 hour ago
Description : A vulnerability, which was classified as critical, was found in ESAFENET CDG 5.6.3.154.205_20250114. This affects an unknown part of the file /client/UnChkMailApplication.jsp. The manipulation of the argument typename leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 02:15:00 GMT

read more

CVE-2025-3391 - Hailey888 Oa_System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3391
Published : April 8, 2025, 1:15 a.m. | 1 hour, 59 minutes ago
Description : A vulnerability has been found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 01:15:00 GMT

read more

CVE-2025-3389 - Hailey888 Oa_system Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3389
Published : April 8, 2025, 12:15 a.m. | 3 hours ago
Description : A vulnerability, which was classified as problematic, has been found in hailey888 oa_system up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 00:15:00 GMT

read more

CVE-2025-3390 - "Hailey888 OA System Backend DaymanageController Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3390
Published : April 8, 2025, 12:15 a.m. | 3 hours ago
Description : A vulnerability, which was classified as problematic, was found in hailey888 oa_system up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Tue, 08 Apr 2025 00:15:00 GMT

read more

CVE-2025-3387 - Renrenio Renren-Security JSON Handler Cross-Site Scripting

CVE ID : CVE-2025-3387
Published : April 7, 2025, 11:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 23:15:00 GMT

read more

CVE-2025-3388 - Hailey888 OA System Frontend Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3388
Published : April 7, 2025, 11:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability classified as problematic was found in hailey888 oa_system up to 2025.01.01. This vulnerability affects the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation of the argument Username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 23:15:00 GMT

read more

CVE-2025-0942 - Jalios JPlatform SQL Injection Vulnerability

CVE ID : CVE-2025-0942
Published : April 7, 2025, 10:15 p.m. | 5 hours ago
Description : The DB chooser functionality in Jalios JPlatform 10 SP6 before 10.0.6 improperly neutralizes special elements used in an SQL command allows for authenticated administrative users to trigger SQL Injection. This issue affects JPlatform before 10.0.6 and a PatchPlugin release 10.0.6 was issued 2023-02-06.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 22:15:00 GMT

read more

CVE-2025-32409 - Ratta SuperNote A6 X2 Nomad Remote Code Execution Vulnerability

CVE ID : CVE-2025-32409
Published : April 7, 2025, 10:15 p.m. | 5 hours ago
Description : Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended handling of concurrency.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 22:15:00 GMT

read more

CVE-2025-3385 - LinZhaoguan pb-cms Cross-Site Scripting (XSS)

CVE ID : CVE-2025-3385
Published : April 7, 2025, 10:15 p.m. | 5 hours ago
Description : A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Classification Management Page. The manipulation of the argument Classification name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 22:15:00 GMT

read more

CVE-2025-3386 - "LinZhaoguan pb-cms Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-3386
Published : April 7, 2025, 10:15 p.m. | 5 hours ago
Description : A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin#links of the component Friendship Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 22:15:00 GMT

read more

CVE-2025-32033 - Apollo Router Core Unsigned Integer Wraparound Vulnerability

CVE ID : CVE-2025-32033
Published : April 7, 2025, 9:15 p.m. | 5 hours, 59 minutes ago
Description : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters (e.g. for a query's height). If a counter exceeded the maximum value for this data type (4,294,967,295), it wrapped around to 0, unintentionally allowing queries to bypass configured thresholds. This could occur for large queries if the payload limit were sufficiently increased, but could also occur for small queries with deeply nested and reused named fragments. This has been remediated in apollo-router versions 1.61.2 and 2.1.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 21:15:00 GMT

read more

CVE-2025-32034 - Apollo Router Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-32034
Published : April 7, 2025, 9:15 p.m. | 5 hours, 59 minutes ago
Description : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 21:15:00 GMT

read more

CVE-2025-3383 - SourceCodester Web-based Pharmacy Product Management System SQL Injection

CVE ID : CVE-2025-3383
Published : April 7, 2025, 9:15 p.m. | 5 hours, 59 minutes ago
Description : A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /search/search_sales.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 21:15:00 GMT

read more

CVE-2025-3384 - "1000 Projects Human Resource Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-3384
Published : April 7, 2025, 9:15 p.m. | 5 hours, 59 minutes ago
Description : A vulnerability was found in 1000 Projects Human Resource Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /controller/employee.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 21:15:00 GMT

read more

Cybermalveillance.gouv.fr dévoile sa stratégie 2025-2030

À l’occasion de la conférence de presse durant laquelle Cybermalveillance.gouv.fr a dévoilé son rapport d’activité et les tendances de la menace cyber en France, le dispositif national d’assistance a également présenté sa stratégie 2025-2030.

Mon, 07 Apr 2025 17:25:00 GMT

read more

CVE-2025-27686 - Dell Unisphere for PowerMax LDAP Injection

CVE ID : CVE-2025-27686
Published : April 7, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 14:15:00 GMT

read more

CVE-2025-2251 - WildFly/JBoss EAP EJB Remote Code Execution Vulnerability

CVE ID : CVE-2025-2251
Published : April 7, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 14:15:00 GMT

read more

CVE-2025-30195 - PowerDNS Recursor DNS Cache Poisoning Denial of Service

CVE ID : CVE-2025-30195
Published : April 7, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodymyr Ilyin for bringing this issue to our attention.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 14:15:00 GMT

read more

CVE-2025-3369 - Novel-Plus SQL Injection Vulnerability

CVE ID : CVE-2025-3369
Published : April 7, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /novel/friendLink/list. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 14:15:00 GMT

read more

CVE-2025-3370 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3370
Published : April 7, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 14:15:00 GMT

read more

CVE-2025-3352 - PHPGurukul Old Age Home Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3352
Published : April 7, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-scdetails.php. The manipulation of the argument contnum leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 13:15:00 GMT

read more

CVE-2025-3353 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3353
Published : April 7, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument cost leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 13:15:00 GMT

read more

CVE-2025-3359 - GNUPlot Segmentation Fault Vulnerability

CVE ID : CVE-2025-3359
Published : April 7, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 13:15:00 GMT

read more

CVE-2025-3360 - GLib ISO 8601 Timestamp Parsing Integer Overflow/Buffer Under-read Vulnerability

CVE ID : CVE-2025-3360
Published : April 7, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 13:15:00 GMT

read more

CVE-2025-0050 - Arm Ltd GPU Userspace Driver Buffer Boundary Violation

CVE ID : CVE-2025-0050
Published : April 7, 2025, 12:15 p.m. | 4 hours, 11 minutes ago
Description : Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 12:15:00 GMT

read more

CVE-2025-3350 - PHPGurukul Old Age Home Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3350
Published : April 7, 2025, 12:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 12:15:00 GMT

read more

CVE-2025-3351 - PHPGurukul Old Age Home Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3351
Published : April 7, 2025, 12:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 12:15:00 GMT

read more

CVE-2025-21443 - Cisco eAVB Heap Buffer Overflow

CVE ID : CVE-2025-21443
Published : April 7, 2025, 11:15 a.m. | 5 hours, 11 minutes ago
Description : Memory corruption while processing message content in eAVB.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21447 - Cisco Router Device IO Control Session Control Memory Corruption

CVE ID : CVE-2025-21447
Published : April 7, 2025, 11:15 a.m. | 5 hours, 11 minutes ago
Description : Memory corruption may occur while processing device IO control call for session control.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21448 - Cisco Wireless Router Denial of Service

CVE ID : CVE-2025-21448
Published : April 7, 2025, 11:15 a.m. | 5 hours, 11 minutes ago
Description : Transient DOS may occur while parsing SSID in action frames.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-3348 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3348
Published : April 7, 2025, 11:15 a.m. | 5 hours, 11 minutes ago
Description : A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /edit_dpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-3349 - PCMan FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-3349
Published : April 7, 2025, 11:15 a.m. | 5 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SYST Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21435 - Cisco ASA Internet Explorer Parsing Denial of Service

CVE ID : CVE-2025-21435
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Transient DOS may occur while parsing extended IE in beacon.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21436 - Adobe Flash Memory Corruption Vulnerability

CVE ID : CVE-2025-21436
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21437 - Microsoft Windows Kernel Unmap IOCTL Memory Corruption Vulnerability

CVE ID : CVE-2025-21437
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption while processing memory map or unmap IOCTL operations simultaneously.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21438 - Apache IoT Device Memory Corruption

CVE ID : CVE-2025-21438
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption while IOCTL call is invoked from user-space to read board data.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21439 - Cisco WLAN Driver Heap Buffer Overflow

CVE ID : CVE-2025-21439
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21440 - "TP-Link WLAN Driver Buffer Overflow"

CVE ID : CVE-2025-21440
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21441 - "TP-Link WLAN Driver Out-of-Bounds Write Vulnerability"

CVE ID : CVE-2025-21441
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21442 - Apache HTTP Server Buffer Overflow

CVE ID : CVE-2025-21442
Published : April 7, 2025, 11:15 a.m. | 3 hours, 48 minutes ago
Description : Memory corruption while transmitting packet mapping information with invalid header payload size.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2024-45552 - VivoLink Video Call RTCP Packet Information Disclosure

CVE ID : CVE-2024-45552
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2024-45556 - Texas Instruments TCSR Linux Cryptographic Access Control Vulnerability

CVE ID : CVE-2024-45556
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2024-45557 - Intel TME Memory Corruption Vulnerability

CVE ID : CVE-2024-45557
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2024-49848 - Qualcomm Snapdragon DSP IOCTL Memory Corruption Vulnerability

CVE ID : CVE-2024-49848
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption while processing multiple IOCTL calls from HLOS to DSP.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21421 - Apache HTTP Server Buffer Overflow

CVE ID : CVE-2025-21421
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption while processing escape code in API.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21423 - Citrix Receiver Use-After-Free

CVE ID : CVE-2025-21423
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21425 - Citrix Systems HAB Process Memory Corruption Vulnerability

CVE ID : CVE-2025-21425
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption may occur due top improper access control in HAB process.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21428 - Aruba Wireless TSpec Memory Corruption Vulnerability

CVE ID : CVE-2025-21428
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21429 - Cisco Wireless STA Memory Corruption Vulnerability (Buffer Overflow)

CVE ID : CVE-2025-21429
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21430 - Cisco Wireless Router Denial of Service

CVE ID : CVE-2025-21430
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21431 - VMware Guest VM Information Disclosure

CVE ID : CVE-2025-21431
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Information disclosure may be there when a guest VM is connected.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-21434 - Cisco Wireless LAN Controller Denial of Service Vulnerability

CVE ID : CVE-2025-21434
Published : April 7, 2025, 11:15 a.m. | 1 hour, 11 minutes ago
Description : Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 11:15:00 GMT

read more

CVE-2025-3342 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3342
Published : April 7, 2025, 8:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/payment_save.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 08:15:00 GMT

read more

CVE-2025-3343 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3343
Published : April 7, 2025, 8:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/reservation_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 08:15:00 GMT

read more

CVE-2025-3340 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3340
Published : April 7, 2025, 7:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/combo_update.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 07:15:00 GMT

read more

CVE-2025-3341 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3341
Published : April 7, 2025, 7:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability, which was classified as critical, was found in codeprojects Online Restaurant Management System 1.0. This affects an unknown part of the file /admin/reservation_view.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 07:15:00 GMT

read more

CVE-2024-11071 - Cyberdigm DestinyECM Cross-Site Request Forgery (CSRF) and JSON Hijacking

CVE ID : CVE-2024-11071
Published : April 7, 2025, 6:15 a.m. | 4 hours, 48 minutes ago
Description : Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 06:15:00 GMT

read more

CVE-2025-3338 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3338
Published : April 7, 2025, 6:15 a.m. | 4 hours, 48 minutes ago
Description : A vulnerability classified as critical has been found in codeprojects Online Restaurant Management System 1.0. Affected is an unknown function of the file /admin/user_save.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 06:15:00 GMT

read more

CVE-2025-3339 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3339
Published : April 7, 2025, 6:15 a.m. | 4 hours, 48 minutes ago
Description : A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user_update.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 06:15:00 GMT

read more

CVE-2025-3336 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3336
Published : April 7, 2025, 5:15 a.m. | 5 hours, 48 minutes ago
Description : A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 05:15:00 GMT

read more

CVE-2025-3337 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3337
Published : April 7, 2025, 5:15 a.m. | 5 hours, 48 minutes ago
Description : A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/member_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 05:15:00 GMT

read more

CVE-2025-20663 - "Aruba WLAN AP Driver Information Disclosure Vulnerability"

CVE ID : CVE-2025-20663
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-3031.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20664 - Aruba Wlan AP Driver Information Disclosure

CVE ID : CVE-2025-20664
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406217; Issue ID: MSV-2773.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31170 - Apache Security Verification Module Authorization Bypass

CVE ID : CVE-2025-31170
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31171 - "Apache Kernel File System Module Permission Bypass Vulnerability"

CVE ID : CVE-2025-31171
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31172 - VMware Kernel Futex Module Memory Write Permission Bypass Vulnerability

CVE ID : CVE-2025-31172
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31173 - "Oracle Solaris Futex Kernel Memory Write Permission Bypass Vulnerability"

CVE ID : CVE-2025-31173
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31174 - Cisco DFS Module Path Traversal Vulnerability

CVE ID : CVE-2025-31174
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-31175 - DSoftBus Deserialization Mismatch Vulnerability

CVE ID : CVE-2025-31175
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-3334 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3334
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-3335 - Codeprojects Online Restaurant Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3335
Published : April 7, 2025, 4:15 a.m. | 6 hours, 48 minutes ago
Description : A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20657 - VDEC Privilege Escalation Vulnerability

CVE ID : CVE-2025-20657
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20658 - "Amazon Device Authentication Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20658
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20659 - "Modem Denial of Service Vulnerability"

CVE ID : CVE-2025-20659
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20660 - Microsoft PlayReady TA Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-20660
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20661 - Microsoft PlayReady TA Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-20661
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

CVE-2025-20662 - Microsoft PlayReady TA Out-of-Bounds Read Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-20662
Published : April 7, 2025, 4:15 a.m. | 4 hours, 59 minutes ago
Description : In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Mon, 07 Apr 2025 04:15:00 GMT

read more

Fuite de données chez UTWIN

identité, adresse email, numéro de téléphone

Mon Apr 07 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-3318 - Kenj_Frog Company-Financial-Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3318
Published : April 6, 2025, 2:15 p.m. | 14 hours, 11 minutes ago
Description : A vulnerability classified as critical was found in Kenj_Frog 肯尼基蛙 company-financial-management 公司财务管理系统 1.0. Affected by this vulnerability is the function page of the file src/main/java/com/controller/ShangpinleixingController.java. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 14:15:00 GMT

read more

CVE-2025-3317 - Fumiao OpenCms Path Traversal Vulnerability

CVE ID : CVE-2025-3317
Published : April 6, 2025, 12:15 p.m. | 13 hours, 51 minutes ago
Description : A vulnerability classified as problematic has been found in fumiao opencms up to a0fafa5cff58719e9b27c2a2eec204cc165ce14f. Affected is an unknown function of the file opencms-dev/src/main/webapp/view/admin/document/dataPage.jsp. The manipulation of the argument path leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 12:15:00 GMT

read more

CVE-2025-3316 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3316
Published : April 6, 2025, 11:15 a.m. | 14 hours, 50 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 11:15:00 GMT

read more

CVE-2025-3315 - SourceCodester Apartment Visitor Management System SQL Injection

CVE ID : CVE-2025-3315
Published : April 6, 2025, 10:15 a.m. | 15 hours, 51 minutes ago
Description : A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 10:15:00 GMT

read more

CVE-2025-3314 - SourceCodester Apartment Visitor Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3314
Published : April 6, 2025, 9:15 a.m. | 16 hours, 51 minutes ago
Description : A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /forgotpw.php. The manipulation of the argument secode leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 09:15:00 GMT

read more

CVE-2025-3313 - PHPGurukul Men Salon Management System SQL Injection

CVE ID : CVE-2025-3313
Published : April 6, 2025, 8:15 a.m. | 17 hours, 51 minutes ago
Description : A vulnerability, which was classified as critical, was found in PHPGurukul Men Salon Management System 1.0. Affected is an unknown function of the file /admin/add-customer.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 08:15:00 GMT

read more

CVE-2025-32370 - Kentico Xperience Zip File Upload Vulnerability

CVE ID : CVE-2025-32370
Published : April 6, 2025, 7:15 a.m. | 18 hours, 50 minutes ago
Description : Kentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions for unauthenticated uploads; however, because .zip is processed through TryZipProviderSafe, there is additional functionality to create files with other extensions. NOTE: this is a separate issue not necessarily related to SVG or XSS.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 07:15:00 GMT

read more

CVE-2025-3311 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3311
Published : April 6, 2025, 7:15 a.m. | 18 hours, 50 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Men Salon Management System 1.0. This vulnerability affects unknown code of the file /admin/about-us.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 07:15:00 GMT

read more

CVE-2025-3312 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3312
Published : April 6, 2025, 7:15 a.m. | 18 hours, 50 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the file /admin/add-customer-services.php. The manipulation of the argument sids[] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 07:15:00 GMT

read more

CVE-2025-32369 - Kentico Xperience Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-32369
Published : April 6, 2025, 6:15 a.m. | 19 hours, 51 minutes ago
Description : Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious content (for stored XSS) via certain interactions with the media library file upload feature.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 06:15:00 GMT

read more

CVE-2025-3309 - Blood Bank Management System SQL Injection

CVE ID : CVE-2025-3309
Published : April 6, 2025, 6:15 a.m. | 19 hours, 51 minutes ago
Description : A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/campsdetails.php. The manipulation of the argument hospital leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 06:15:00 GMT

read more

CVE-2025-3310 - Code-projects Blood Bank Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3310
Published : April 6, 2025, 6:15 a.m. | 19 hours, 51 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the file /admin/delete.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 06:15:00 GMT

read more

CVE-2025-1264 - "AIOSEO WordPress Broken Link Checker SQL Injection"

CVE ID : CVE-2025-1264
Published : April 6, 2025, 5:15 a.m. | 17 hours, 48 minutes ago
Description : The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 05:15:00 GMT

read more

CVE-2025-3308 - Blood Bank Management System SQL Injection

CVE ID : CVE-2025-3308
Published : April 6, 2025, 4:15 a.m. | 18 hours, 48 minutes ago
Description : A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /viewrequest.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 04:15:00 GMT

read more

CVE-2024-58131 - FISCO BCOS Denial of Service (DoS)

CVE ID : CVE-2024-58131
Published : April 6, 2025, 3:15 a.m. | 19 hours, 48 minutes ago
Description : FISCO BCOS 3.11.0 has an issue with synchronization of the transaction pool that can, for example, be observed when a malicious node (that has modified the codebase to allow a large min_seal_time value) joins a blockchain network.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 03:15:00 GMT

read more

CVE-2024-58132 - ChainMaker Concurrent Map Panic

CVE ID : CVE-2024-58132
Published : April 6, 2025, 3:15 a.m. | 19 hours, 48 minutes ago
Description : In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 03:15:00 GMT

read more

CVE-2024-58133 - ChainMaker Go Concurrency Panic

CVE ID : CVE-2024-58133
Published : April 6, 2025, 3:15 a.m. | 19 hours, 48 minutes ago
Description : In chainmaker-go (aka ChainMaker) before 2.4.0, when making frequent updates to a node's configuration file and restarting this node, concurrent writes by logger.go to a map are mishandled. Creating other logs simultaneously can lead to a read-write conflict and panic.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 03:15:00 GMT

read more

CVE-2025-3307 - Blood Bank Management System SQL Injection

CVE ID : CVE-2025-3307
Published : April 6, 2025, 3:15 a.m. | 19 hours, 48 minutes ago
Description : A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 03:15:00 GMT

read more

CVE-2025-3306 - Blood Bank Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3306
Published : April 6, 2025, 1:15 a.m. | 20 hours, 50 minutes ago
Description : A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sun, 06 Apr 2025 01:15:00 GMT

read more

CVE-2025-32366 - ConnMan DNS Proxy Heap-Based Buffer Overflow

CVE ID : CVE-2025-32366
Published : April 5, 2025, 11:15 p.m. | 19 hours, 47 minutes ago
Description : In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen).
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 23:15:00 GMT

read more

CVE-2025-3305 - "IKUN_Library Remote Improper Access Control Vulnerability"

CVE ID : CVE-2025-3305
Published : April 5, 2025, 11:15 p.m. | 19 hours, 47 minutes ago
Description : A vulnerability has been found in 1902756969/code-projects IKUN_Library 1.0 and classified as problematic. This vulnerability affects the function addInterceptors of the file MvcConfig.java of the component Borrow Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 23:15:00 GMT

read more

CVE-2025-32364 - Poppler Floating-Point Exception

CVE ID : CVE-2025-32364
Published : April 5, 2025, 10:15 p.m. | 20 hours, 48 minutes ago
Description : A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 22:15:00 GMT

read more

CVE-2025-32365 - Poppler JBIG2Stream Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-32365
Published : April 5, 2025, 10:15 p.m. | 20 hours, 48 minutes ago
Description : Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 22:15:00 GMT

read more

CVE-2025-3304 - "Code-projects Patient Record Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-3304
Published : April 5, 2025, 10:15 p.m. | 20 hours, 48 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /dental_not.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 22:15:00 GMT

read more

CVE-2025-3303 - Apache Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3303
Published : April 5, 2025, 9:15 p.m. | 21 hours, 47 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0. Affected by this issue is some unknown functionality of the file /birthing_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 21:15:00 GMT

read more

CVE-2025-32357 - Zammad Privilege Escalation Information Disclosure

CVE ID : CVE-2025-32359
Published : April 5, 2025, 9:15 p.m. | 15 hours, 58 minutes ago
Description : In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not when using the API directly.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 21:15:00 GMT

read more

CVE-2025-32360 - Zammad Information Exposure Vulnerability

CVE ID : CVE-2025-32360
Published : April 5, 2025, 9:15 p.m. | 15 hours, 58 minutes ago
Description : In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see and work on shared article drafts. However, a logged in customer was able to see details about shared drafts for their customer tickets in the browser console, which may contain confidential information, and also to manipulate them via API.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 21:15:00 GMT

read more

CVE-2024-56370 - Xero Perl Cryptographic Entropy Weakness

CVE ID : CVE-2024-56370
Published : April 5, 2025, 7:15 p.m. | 14 hours, 50 minutes ago
Description : Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 19:15:00 GMT

read more

CVE-2024-52322 - Xero WebService Perl Cryptographic Entropy Weakness

CVE ID : CVE-2024-52322
Published : April 5, 2025, 5:15 p.m. | 13 hours, 58 minutes ago
Description : WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically WebService::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 17:15:00 GMT

read more

CVE-2024-57835 - Amon2::Auth::Site::LINE Cryptographically Insecure Random Number Generation

CVE ID : CVE-2024-57835
Published : April 5, 2025, 4:15 p.m. | 14 hours, 58 minutes ago
Description : Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values.  String::Random defaults to Perl's built-in predictable random number generator, the rand() function, which is not cryptographically secure
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 16:15:00 GMT

read more

CVE-2024-57868 - Web::API Cryptographically Insecure Randomness Vulnerability

CVE ID : CVE-2024-57868
Published : April 5, 2025, 4:15 p.m. | 14 hours, 58 minutes ago
Description : Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Web::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 16:15:00 GMT

read more

CVE-2024-58036 - Dropbox::API Cryptographically Insecure Random Number Generation

CVE ID : CVE-2024-58036
Published : April 5, 2025, 4:15 p.m. | 14 hours, 58 minutes ago
Description : Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 16:15:00 GMT

read more

CVE-2025-30401 - WhatsApp for Windows MIME Type Spoofing Vulnerability

CVE ID : CVE-2025-30401
Published : April 5, 2025, 12:15 p.m. | 17 hours, 50 minutes ago
Description : A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 12:15:00 GMT

read more

CVE-2025-3298 - SourceCodester Online Eyewear Shop Remote File Inclusion Vulnerability

CVE ID : CVE-2025-3298
Published : April 5, 2025, 11:15 a.m. | 18 hours, 50 minutes ago
Description : A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Registration Handler. The manipulation of the argument email leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 11:15:00 GMT

read more

CVE-2025-3299 - PHPGurukul Men Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3299
Published : April 5, 2025, 11:15 a.m. | 18 hours, 50 minutes ago
Description : A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /appointment.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 11:15:00 GMT

read more

CVE-2025-3297 - SourceCodester Online Eyewear Shop Cross Site Scripting Vulnerability

CVE ID : CVE-2025-3297
Published : April 5, 2025, 9:15 a.m. | 20 hours, 50 minutes ago
Description : A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /classes/Master.php?f=save_product. The manipulation of the argument brand leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 09:15:00 GMT

read more

CVE-2025-3296 - SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE ID : CVE-2025-3296
Published : April 5, 2025, 8:15 a.m. | 18 hours, 10 minutes ago
Description : A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=delete_customer. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 08:15:00 GMT

read more

CVE-2025-2941 - WooCommerce Drag and Drop Multiple File Upload Remote File Moving Vulnerability

CVE ID : CVE-2025-2941
Published : April 5, 2025, 7:15 a.m. | 19 hours, 10 minutes ago
Description : The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-file[] parameter in all versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 07:15:00 GMT

read more

CVE-2025-0839 - ZoomSounds Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-0839
Published : April 5, 2025, 6:15 a.m. | 20 hours, 10 minutes ago
Description : The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 6.91 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 06:15:00 GMT

read more

CVE-2025-1233 - Lafka Plugin for WordPress Unauthorized Theme Option Update Vulnerability

CVE ID : CVE-2025-1233
Published : April 5, 2025, 6:15 a.m. | 20 hours, 10 minutes ago
Description : The Lafka Plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_options_upload' AJAX function in all versions up to, and including, 7.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the theme option that overrides the site.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 06:15:00 GMT

read more

CVE-2025-2789 - MultiVendorX Unauthenticated Table Rates Deletion Vulnerability

CVE ID : CVE-2025-2789
Published : April 5, 2025, 6:15 a.m. | 20 hours, 10 minutes ago
Description : The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_table_rate_shipping_row function in all versions up to, and including, 4.2.19. This makes it possible for unauthenticated attackers to delete Table Rates that can impact the shipping cost calculations.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 06:15:00 GMT

read more

CVE-2024-13776 - "ZoomSounds WordPress Wave Audio Player with Playlist Unauthorized Data Modification Vulnerability"

CVE ID : CVE-2024-13776
Published : April 5, 2025, 6:15 a.m. | 1 hour, 49 minutes ago
Description : The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'dzsap_delete_notice' AJAX action in all versions up to, and including, 6.91. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 'seen' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration. There are several other functions also vulnerable to missing authorization.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 06:15:00 GMT

read more

CVE-2021-47667 - ZendTo OS Command Injection Vulnerability

CVE ID : CVE-2021-47667
Published : April 5, 2025, 5:15 a.m. | 15 hours, 9 minutes ago
Description : An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6.10-7 allows unauthenticated remote attackers to execute arbitrary commands via shell metacharacters in the tmp_name parameter when dropping off a file via a POST /dropoff request.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 05:15:00 GMT

read more

CVE-2025-32352 - ZendTo PHP Authentication Type Confusion Vulnerability

CVE ID : CVE-2025-32352
Published : April 5, 2025, 5:15 a.m. | 15 hours, 9 minutes ago
Description : A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 05:15:00 GMT

read more

CVE-2024-13604 - KB Support WordPress Sensitive Information Exposure Vulnerability

CVE ID : CVE-2024-13604
Published : April 5, 2025, 2:15 a.m. | 18 hours, 10 minutes ago
Description : The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.4 via the 'kbs' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/kbs directory which can contain file attachments included in support tickets. The vulnerability was partially patched in version 1.7.3.2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 02:15:00 GMT

read more

CVE-2025-0810 - WordPress Read More Accordion CSRF

CVE ID : CVE-2025-0810
Published : April 5, 2025, 2:15 a.m. | 18 hours, 10 minutes ago
Description : The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.5. This is due to missing or incorrect nonce validation on the addNewButtons() function. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 02:15:00 GMT

read more

CVE-2025-2544 - WordPress AI Content Pipelines Stored Cross-Site Scripting

CVE ID : CVE-2025-2544
Published : April 5, 2025, 2:15 a.m. | 18 hours, 10 minutes ago
Description : The AI Content Pipelines plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 02:15:00 GMT

read more

CVE-2025-2933 - "WordPress Email Notifications for Updates Unauthenticated Privilege Escalation"

CVE ID : CVE-2025-2933
Published : April 5, 2025, 2:15 a.m. | 18 hours, 10 minutes ago
Description : The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_settings() function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 02:15:00 GMT

read more

CVE-2025-1500 - IBM Maximo Application Suite File Upload Privilege Escalation Vulnerability

CVE ID : CVE-2025-1500
Published : April 5, 2025, 1:15 a.m. | 19 hours, 9 minutes ago
Description : IBM Maximo Application Suite 9.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 01:15:00 GMT

read more

CVE-2025-2889 - WordPress Link Library Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2889
Published : April 5, 2025, 12:15 a.m. | 20 hours, 10 minutes ago
Description : The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Additional Parameters in all versions up to, and including, 7.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Sat, 05 Apr 2025 00:15:00 GMT

read more

CVE-2025-3268 - TinyWebServer qinguoyi Remote Authentication Bypass

CVE ID : CVE-2025-3268
Published : April 4, 2025, 9:15 p.m. | 23 hours, 9 minutes ago
Description : A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical. This vulnerability affects unknown code of the file http/http_conn.cpp. The manipulation of the argument m_url_real leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 21:15:00 GMT

read more

CVE-2025-3267 - TinyWebServer SQL Injection Vulnerability

CVE ID : CVE-2025-3267
Published : April 4, 2025, 8:15 p.m. | 1 day ago
Description : A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0. This affects an unknown part of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 20:15:00 GMT

read more

CVE-2025-3265 - PHPGurukul e-Diary Management System SQL Injection

CVE ID : CVE-2025-3265
Published : April 4, 2025, 8:15 p.m. | 11 hours, 50 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 20:15:00 GMT

read more

CVE-2025-3266 - Qinguoyi TinyWebServer Stack-Based Buffer Overflow

CVE ID : CVE-2025-3266
Published : April 4, 2025, 8:15 p.m. | 22 hours, 58 minutes ago
Description : A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 20:15:00 GMT

read more

CVE-2024-11235 - Apache PHP Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2024-11235
Published : April 4, 2025, 6:15 p.m. | 13 hours, 49 minutes ago
Description : In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=  operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 18:15:00 GMT

read more

CVE-2025-29476 - OSS-Fuzz c-blosc2 Buffer Overflow

CVE ID : CVE-2025-29476
Published : April 4, 2025, 6:15 p.m. | 22 hours, 9 minutes ago
Description : Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 18:15:00 GMT

read more

CVE-2025-29477 - Fluent-Bit Denial of Service Vulnerability

CVE ID : CVE-2025-29477
Published : April 4, 2025, 6:15 p.m. | 22 hours, 9 minutes ago
Description : An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 18:15:00 GMT

read more

CVE-2025-3259 - Tenda RX3 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-3259
Published : April 4, 2025, 6:15 p.m. | 22 hours, 9 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 18:15:00 GMT

read more

CVE-2025-3256 - Xujiangfei Admintwo Remote File Improper Access Control Vulnerability

CVE ID : CVE-2025-3256
Published : April 4, 2025, 5:15 p.m. | 15 hours, 58 minutes ago
Description : A vulnerability was found in xujiangfei admintwo 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user/updateSet. The manipulation of the argument email leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 17:15:00 GMT

read more

CVE-2025-3257 - Xujiangfei Admintwo Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-3257
Published : April 4, 2025, 5:15 p.m. | 15 hours, 58 minutes ago
Description : A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 17:15:00 GMT

read more

CVE-2025-3258 - PHPGurukul Old Age Home Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3258
Published : April 4, 2025, 5:15 p.m. | 15 hours, 58 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. This vulnerability affects unknown code of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 17:15:00 GMT

read more

CVE-2025-3255 - Xujiangfei Admintwo Remote File Access Control Bypass Vulnerability

CVE ID : CVE-2025-3255
Published : April 4, 2025, 4:15 p.m. | 15 hours, 49 minutes ago
Description : A vulnerability was found in xujiangfei admintwo 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /user/home. The manipulation of the argument ID leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 16:15:00 GMT

read more

CVE-2025-31420 - Tomdever wpForo Forum Privilege Escalation

CVE ID : CVE-2025-31420
Published : April 4, 2025, 1:15 p.m. | 48 minutes ago
Description : Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 13:15:00 GMT

read more

CVE-2025-31421 - Oblak Studio Srbtranslatin Information Disclosure Vulnerability

CVE ID : CVE-2025-31421
Published : April 4, 2025, 1:15 p.m. | 48 minutes ago
Description : Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through 3.2.0.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 13:15:00 GMT

read more

CVE-2025-3189 - DoWISP Stored Cross-Site Scripting

CVE ID : CVE-2025-3189
Published : April 4, 2025, 1:15 p.m. | 48 minutes ago
Description : Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an stored XSS through the upload of a profile picture in SVG format with malicious Javascript code in it.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 13:15:00 GMT

read more

CVE-2025-3243 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3243
Published : April 4, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dental_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 12:15:00 GMT

read more

CVE-2025-3244 - SourceCodester Web-based Pharmacy Product Management System File Upload Vulnerability

CVE ID : CVE-2025-3244
Published : April 4, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add-admin.php of the component Create User Page. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 12:15:00 GMT

read more

CVE-2025-3245 - iSourcecode Library Management System SQL Injection

CVE ID : CVE-2025-3245
Published : April 4, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability was found in itsourcecode Library Management System 1.0. It has been rated as critical. Affected by this issue is the function Search of the file library_management/src/Library_Management/Forgot.java. The manipulation of the argument txtuname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 12:15:00 GMT

read more

CVE-2025-22282 - EPC ez Form Calculator WordPress Plugin Cross-site Scripting Vulnerability

CVE ID : CVE-2025-22282
Published : April 4, 2025, 11:15 a.m. | 2 hours, 48 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.This issue affects ez Form Calculator - WordPress plugin: from n/a through 2.14.1.2.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 11:15:00 GMT

read more

CVE-2025-3239 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-3239
Published : April 4, 2025, 11:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 11:15:00 GMT

read more

CVE-2025-3240 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-3240
Published : April 4, 2025, 11:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Online Fire Reporting System 1.2. Affected by this issue is some unknown functionality of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 11:15:00 GMT

read more

CVE-2025-3241 - Zhangyanbo2007 Youkefu XML External Entity Reference (XXE) Vulnerability

CVE ID : CVE-2025-3241
Published : April 4, 2025, 11:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the argument routercontent leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 11:15:00 GMT

read more

CVE-2025-3242 - PHPGurukul e-Diary Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3242
Published : April 4, 2025, 11:15 a.m. | 2 hours, 48 minutes ago
Description : A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 11:15:00 GMT

read more

CVE-2025-1865 - Adobe Kernel Privilege Escalation Vulnerability

CVE ID : CVE-2025-1865
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : The kernel driver, accessible to low-privileged users, exposes a function that fails to properly validate the privileges of the calling process. This allows creating files at arbitrary locations with full user control, ultimately allowing for privilege escalation to SYSTEM.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-2243 - Bitdefender GravityZone Console SSRF

CVE ID : CVE-2025-2243
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-2244 - Bitdefender GravityZone Console PHP Object Injection Vulnerability

CVE ID : CVE-2025-2244
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability in the sendMailFromRemoteSource method in Emails.php  as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-2245 - Bitdefender GravityZone Update Server SSRF

CVE ID : CVE-2025-2245
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte (%00) sequences. By crafting a request to a domain such as evil.com%00.bitdefender.com, an attacker can bypass the allowlist check, causing the proxy to forward requests to arbitrary external or internal systems.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-3235 - PHPGurukul Old Age Home Management System SQL Injection

CVE ID : CVE-2025-3235
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability was found in PHPGurukul Old Age Home Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/profile.php. The manipulation of the argument adminname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-3236 - Tenda Web Management Interface Improper Access Control Vulnerability

CVE ID : CVE-2025-3236
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/VirSerDMZ of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-3237 - Tenda FH1202 File Access Control Vulnerability

CVE ID : CVE-2025-3237
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/wrlwpsset. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-3238 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-3238
Published : April 4, 2025, 10:15 a.m. | 3 hours, 48 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 10:15:00 GMT

read more

CVE-2025-3229 - PHPGurukul Restaurant Table Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-3229
Published : April 4, 2025, 9:15 a.m. | 4 hours, 48 minutes ago
Description : A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /edit-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 09:15:00 GMT

read more

CVE-2025-3231 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3231
Published : April 4, 2025, 9:15 a.m. | 4 hours, 48 minutes ago
Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 09:15:00 GMT

read more

CVE-2025-3105 - Vehica Core WordPress Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-3105
Published : April 4, 2025, 8:15 a.m. | 5 hours, 48 minutes ago
Description : The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change escalate their privileges to Administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 08:15:00 GMT

read more

CVE-2025-3219 - Perfex CRM Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3219
Published : April 4, 2025, 8:15 a.m. | 5 hours, 48 minutes ago
Description : A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 08:15:00 GMT

read more

CVE-2025-3220 - PHPGurukul e-Diary Management System SQL Injection

CVE ID : CVE-2025-3220
Published : April 4, 2025, 8:15 a.m. | 5 hours, 48 minutes ago
Description : A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 08:15:00 GMT

read more

CVE-2025-3217 - PHPGurukul e-Diary Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3217
Published : April 4, 2025, 7:15 a.m. | 6 hours, 48 minutes ago
Description : A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-2797 - WordPress Woffice Core CSRF

CVE ID : CVE-2025-2797
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21. This is due to missing or incorrect nonce validation on the 'woffice_handle_user_approval_actions' function. This makes it possible for unauthenticated attackers to approve registration for any user via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-32111 - Docker/Acme.sh Insecure GitHub Workflow Credentials Disclosure

CVE ID : CVE-2025-32111
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-3086 - M-Files Server Anonymous User Isolation Bypass Denial of Service

CVE ID : CVE-2025-3086
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-3087 - M-Files Stored XSS

CVE ID : CVE-2025-3087
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-3215 - PHPGurukul Restaurant Table Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-3215
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-3216 - PHPGurukul e-Diary Management System SQL Injection

CVE ID : CVE-2025-3216
Published : April 4, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been classified as critical. This affects an unknown part of the file /password-recovery.php. The manipulation of the argument username/contactno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2025-2780 - Woffice Core WordPress Remote File Upload Vulnerability

CVE ID : CVE-2025-2780
Published : April 4, 2025, 7:15 a.m. | 2 hours, 47 minutes ago
Description : The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 07:15:00 GMT

read more

CVE-2024-13645 - TagDiv Composer PHP Object Instantiation Vulnerability

CVE ID : CVE-2024-13645
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all versions up to, and including, 5.3 via module parameter. This makes it possible for unauthenticated attackers to Instantiate a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2024-13708 - WooCommerce Booster for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-13708
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2024-13898 - WordPress Simple Banner Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-13898
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or bottom of your website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2024-42208 - HCL Connections Information Disclosure Vulnerability

CVE ID : CVE-2024-42208
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-2159 - M-Files Server Stored XSS Vulnerability

CVE ID : CVE-2025-2159
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-2270 - WordPress Countdown Clock Plugin Local File Inclusion Vulnerability

CVE ID : CVE-2025-2270
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files with the specific filenames on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in some cases.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-2279 - Maps WordPress Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2279
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-2317 - WordPress Product Filter by WBW SQL Injection

CVE ID : CVE-2025-2317
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Product Filter by WBW plugin for WordPress is vulnerable to time-based SQL Injection via the filtersDataBackend parameter in all versions up to, and including, 2.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-2836 - RegistrationMagic WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2836
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘payment_method’ parameter in all versions up to, and including, 6.0.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-3211 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3211
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-3213 - PHPGurukul e-Diary Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3213
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-3214 - JFinal CMS Path Traversal Vulnerability

CVE ID : CVE-2025-3214
Published : April 4, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : A vulnerability has been found in JFinal CMS up to 5.2.4 and classified as problematic. Affected by this vulnerability is the function engine.getTemplate of the file /readTemplate. The manipulation of the argument template leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains that this is not a bug but a feature.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 06:15:00 GMT

read more

CVE-2025-3194 - Bigint-Buffer Buffer Overflow

CVE ID : CVE-2025-3194
Published : April 4, 2025, 5:15 a.m. | 2 hours, 43 minutes ago
Description : Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the application.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-3197 - Apache expand-object Prototype Pollution

CVE ID : CVE-2025-3197
Published : April 4, 2025, 5:15 a.m. | 2 hours, 43 minutes ago
Description : Versions of the package expand-object from 0.0.0 are vulnerable to Prototype Pollution in the expand() function in index.js. This function expands the given string into an object and allows a nested property to be set without checking the provided keys for sensitive properties like __proto__.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-3208 - Apache Code-projects Patient Record Management System SQL Injection

CVE ID : CVE-2025-3208
Published : April 4, 2025, 5:15 a.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /xray_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-3209 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-3209
Published : April 4, 2025, 5:15 a.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add_patient.php. The manipulation of the argument itr_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-3210 - "Code-Projects Patient Record Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-3210
Published : April 4, 2025, 5:15 a.m. | 2 hours, 43 minutes ago
Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /birthing_pending.php. The manipulation of the argument birth_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2024-13744 - WooCommerce Booster Arbitrary File Upload Vulnerability

CVE ID : CVE-2024-13744
Published : April 4, 2025, 5:15 a.m. | 42 minutes ago
Description : The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validate_product_input_fields_on_add_to_cart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-2075 - WordPress Uncanny Automator Privilege Escalation

CVE ID : CVE-2025-2075
Published : April 4, 2025, 5:15 a.m. | 42 minutes ago
Description : The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing proper capability checks performed through the validate_rest_call() function. This makes it possible for unauthenticated attackers to set the role of arbitrary users to administrator granting full access to the site, though privilege escalation requires an active account on the site so this is considered an authenticated privilege escalation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Fri, 04 Apr 2025 05:15:00 GMT

read more

CVE-2025-3191 - "React-Draft-Wysiwyg XSS Vulnerability"

CVE ID : CVE-2025-3191
Published : April 4, 2025, 5:15 a.m. | 42 minutes ago
Description : All versions of the package react-draft-wysiwyg are vulnerable to Cross-site Scripting (XSS) via the Embedded button which will then result in saving the payload in the